Skip to main content

Online Privacy Statement 

Last modified on: 20 May 2022 
KPMG considers it important to safeguard the privacy and confidentiality of information entrusted to it. We therefore process your personal data safely and with care. This Online Privacy Statement relates to KPMG Netherlands' "Working at KPMG" website. It tells you how KPMG collects, use, share and protect personal data through the website and how we handle the processing of personal data as part of our recruitment process. For information about KPMG's processing of personal data in the context of the general KPMG NL website, please consult the KPMG NL Privacy Statement. 

Who is responsible for your personal data? 

KPMG Staffing & Facility Services B.V. is responsible for processing your personal data. Most of the time, it is jointly responsible with the KPMG entity that primarily determines the purpose and means of data processing. KPMG Staffing & Facility Services B.V. is a subsidiary of KPMG N.V. and is listed in the Dutch business register under number 34153861. 
Within the KPMG organisation, KPMG Staffing & Facility Services B.V. bears maximum responsibility for complying with privacy legislation, including the obligation to provide information and the exercise of rights. Please contact KPMG Staffing & Facility Services B.V. if you have any questions or complaints about the processing of your personal data. 

What types of personal data do we process? 

KPMG processes personal data when you visit our website as well as during our recruitment process. For example, if you apply for a position or register for an event. 
KPMG only collects personal data that are needed. We only collect additional personal data with your consent. 
We may process the following types of personal data when you visit our website and during the recruitment process: 

  • Name 

  • Email address 

  • Phone number 

  • IP address 

  • Login information 

  • Your interests and preferences 

  • Information about your browsing and viewing habits and possibly your location and other cookie information 

  • Employment history / résumé (when applying for a position or via the KPMG & Me Dashboard) 

  • Graduation date 

  • LinkedIn URL 

The KPMG Website may link to other websites, including websites of KPMG organisations outside the Netherlands. These other websites are not subject to this Online Privacy Statement but are governed by other privacy statements. We encourage you to review the privacy statement of each website you visit so that you always know what happens to your personal data. 

For what purposes do we use personal data? 

KPMG processes personal data for the following purposes: 

  • to find suitable job candidates during the recruitment process; 

  • to personalise your user experience; 

  • to respond to any request you have for information about KPMG; 

  • to build/expand your profile, possibly combined with data already available about you. We may then contact you , e.g. with a view to recruiting you; 

  • to optimise your visit to our website and to continuously improve our services; 

  • to keep in touch with you through your personalised environment in the KPMG & Me Dashboard.  

  • to contact you in connection with your application for employment with KPMG. 

We will not use your personal data for purposes other than those for which you initially disclosed them to us. Exceptions to this are: i) if we have to comply with a statutory obligation, ii) if you give us permission to also process your personal data for a different purpose, or iii) if further processing is permitted under privacy legislation. 

On what bases do we process personal data? 

The privacy legislation, including the General Data Protection Regulation ("GDPR"), allows the processing of personal data if it is done on one of the bases set out in the GDPR. When we process your personal data, we do so on the basis of a legitimate interest, on the basis of your consent or pursuant to the law. 
We process your personal data on the basis of our legitimate interest when: 

  • looking for suitable job candidates for KPMG and maintaining contact with potential ones; 

  • managing existing or potential applicants; 

  • optimising and/or personalising content; 

  • optimising our operations, such as standardising processes; 

  • carrying out privacy or security audits. 

We will always balance your privacy interests against our business interests when using this basis. 
You may also have specifically and explicitly consented to the processing of your personal data for a particular purpose. For example, to keep your personal data for one year after your application.  Or when you create a KPMG & Me Dashboard. You may withdraw your consent at any time using the link included in any email you receive from us, or by emailing KPMG at
We may also process your personal data if required to do so by law. 

How do we process personal data during the recruitment process? 

We process them at various stages of the recruitment process; you will find more information on this below. The purpose of such processing is always: to find suitable job candidates for KPMG. 

Finding suitable job candidates 
During the recruitment process, we search for suitable job candidates through direct search, talent pools and events. 
Direct search 
We contact potential job candidates through various platforms, such as LinkedIn. With their consent, we store those candidates' profiles and contact details. We delete these data one year after the job candidate has given their consent, unless they renew their consent to our retaining their data for another year. 
Talent pools 

Job candidates who seem suitable for KPMG but do not immediately qualify for a vacancy or event participation are added to the talent pool. KPMG asks these job candidates' consent for us to keep their data for this purpose. These include contact details, résumés and cover letters. We maintain regular contact, e.g. by phone or through mailings containing interesting articles, vacancies or invitations to events. We delete data one year after the job candidate has given their consent, unless they renew their consent for us to retain their data for another year. 
Job candidates can register through the website to participate in events hosted by KPMG. When registering, they will provide contact details, résumés and cover letters. We will delete their data four weeks after the event has taken place, unless they consent to our retaining their data for one year. We will then delete their data after that one year, unless they renew their consent to our retaining their data for another year. 


Applications may consist of several components, including the application itself, an online assessment, interviews and the contract offer. Job candidates can apply for vacancies on the website. Vacancies on external websites always lead back to the KPMG vacancies page. When applying for a job, applicants provide contact details, résumés and cover letters. 
KPMG may consult the job candidates' social media profiles as part of the application process, e.g. on LinkedIn or Facebook. But we will only do so if this is necessary and relevant to determine a person's suitability for a position at KPMG. A job candidate's data coming in during the application process is shared only with the staff involved in the application. 
Online assessment 
The application process includes an online assessment. The relevant candidate takes the assessment in an external assessment agency's online environment. Upon completing it, he or she will have access to the assessment results and may choose to forward them to KPMG. 
After the online assessment, we will interview the job candidate. The individuals present at these interviews receive the job candidate's personal data (contact details, résumé, cover letter and, where available, the assessment results). After the interviews, the job candidate will receive feedback (by phone) on the outcome. KPMG also stores this feedback. 
Contract offer 
After the interviews have been completed, KPMG may make an offer to the job candidate. At this stage, KPMG requests a copy of the job candidate's ID to add to the file. KPMG is required by law to have a copy of his or her ID. 
Rejected candidates will be notified of their rejection. We will delete or anonymise the personal data of rejected candidates within four weeks after the end of the application process, unless those candidates consent to our retaining their data for one year. In that case, we will then delete or anonymise their data after that year, unless they give us their renewed consent to our retaining their data for another year. 

KPMG & Me 

You can create a KPMG & Me Dashboard online. This is a personalised online environment where you can receive updates on news and events as well as other notifications on topics of your interest. We also send emails with such content; you can unsubscribe from such emails using the link provided in each email. You can also upload your résumé to this Dashboard.  

You can also create a KPMG & Me Dashboard if you are not applying for a job directly, or if you have already started the application process. If you have created a KPMG & Me Dashboard, any applications will be linked to it. You can also access this information on the Dashboard.  

When creating the KPMG & Me Dashboard, we ask for your consent to process your data for the purposes of the KPMG & Me Dashboard. You may withdraw your consent at any time by deleting the dashboard yourself online, or by sending an email to Deleting the KPMG & Me Dashboard will result in all your data being deleted from our system. This may mean that data related to an ongoing job application will also be deleted. If you wish to delete only the Dashboard, you can do so yourself through your KPMG & Me account or by contacting Recruitment at 

With whom do we share personal data? 

We use third-party services for some of our activities. For example, we use parties that provide general IT services, such as hosting and technical maintenance, and parties that provide specific services, such as registration for KPMG events and carrying out assessments. In all cases, we have concluded an appropriate processing or other agreement with the relevant third party that ensures, among other things, proper and secure data processing. 
In addition, KPMG may disclose personal data to other KPMG organisations or to external companies abroad that cooperate with or represent us. KPMG may also process personal data in a country other than the country where you are established. If KPMG transfers personal data abroad, it will do so in accordance with European (and Dutch) privacy legislation.  
KPMG must also disclose personal data if required to do so by law. In addition, we may also need personal data for privacy or security audits or to conduct an investigation in response to a complaint or security threat. 
KPMG will not disclose personal data you provide to us to any third party for its direct marketing purposes.  

Where will your personal data be stored? 

We store your data in several databases. We always maintain strict security measures. Your personal data may be transferred to and stored in countries outside the European Union. In that case, we will ensure that your privacy remains suitably protected. 

How do we secure personal data? 

KPMG has security policies and procedures to protect personal data against accidental or unlawful destruction, loss, alteration or unauthorised disclosure of or access to data. We make every effort to strictly limit access to personal data to persons who need to be involved in processing your personal data on our behalf and who are otherwise authorised to do so within the framework of privacy legislation. Any persons who have access to the personal data are obliged to keep it confidential. Where necessary, this is contractually agreed. 

How long do we retain personal data? 

KPMG retains personal data only for the period required for the purposes indicated, to the extent that it is permitted by law or until you ask for your personal data to be deleted. KPMG has established an internal retention policy for this purpose and we regularly update it. 
In this Online Privacy Statement, the section entitled How are personal data processed during the recruitment process? provides more information on the retention of your data during the recruitment process. 

Do we use cookies? 

KPMG uses cookies, web beacons and other techniques to collect information when you use our website. Processing these data allows us to improve and personalise the operation, usability and effectiveness of the service and to measure the effectiveness of our marketing activities.  
A "cookie" is a small text file that a website places on your computer, tablet or smartphone. This enables the website to recognise your device. Cookies are used for a variety of purposes. When we refer to "cookies" in this Online Privacy Statement, we mean cookies, web beacons, pixels and other similar techniques. 
Our web pages also use other third-party tools or widgets to provide additional functionality (such as viewing a video). A cookie will then be placed on your device to make it easier for you to use such third-party services. If you use third-party tools or widgets, they may also process your personal data. For more information on this, please refer to the relevant third-party's privacy statement. 
A cookie banner may appear on our website requesting your consent for us to use cookies. If you do not give your consent, we will place only functional cookies (these do not require consent, as they do not invade your privacy) and analytical cookies with privacy-friendly settings (these do not require consent either). As an additional measure, we have also blocked the IP address by default for some cookies. 
If you do consent, we also place other cookies, such as tracking and social-media cookies. You can set your internet browser to alert you when you receive a cookie or to refuse cookies. Please note that if you do not accept cookies, you may not be able to experience the full functionality of the website. 

Below you will find information about the types of cookies we use on our website. 

Type of cookie 




Functional cookies 
Functional cookies or technical cookies are cookies needed for a website to work. These cookies help us to enable specific website functionality to improve your experience, e.g. remembering your choices and preferences (such as your language preference) or storing more complex decisions; for example, they also allow you to navigate our website and use its various features. 

Privacy preferences 

These cookies track whether you have given consent. 

Remain active after session; 
are removed after 4 months. 

Analytical cookies 
These cookies enable us to recognise visitors, track their numbers and see how they navigate our website. This helps us improve user navigation and ensure that users have less trouble finding what they are looking for. We use the information obtained through these cookies for the sole purpose of improving our website's performance. We use Google Analytics for these cookies; information collected by Google Analytics is anonymised as much as possible. For example, Google will never process your full IP address and always blocks the last part of your IP address. For more information, please see Google's Privacy Policy. 


We use various external cookies to analyse the use of our website. This allows us to improve its quality and content. Information we collect: IP address, number of unique visitors, search terms, visitor's location (country code), date, duration and frequency of visit, hardware used, browser type, marketing-campaign data. For example, we may use Google cookies and scripts to measure how effective our content is and to better serve your interests. 

Remain active after session; 
are removed after 2 years. 

Tracking cookies 
Tracking cookies, also referred to as marketing cookies, are cookies used within a domain or across different domains to record visitors' browsing behaviour. This allows for targeted content such as videos, vacancies and events, among other things. The use of tracking cookies requires the user's informed consent. If you wish to accept these cookies, you will be prompted to agree by clicking on the button. 

YouTube video 










In order for you to use YouTube videos on our website, YouTube places its own and possibly third-party cookies, which may include Google and DoubleClick. These cookies are not managed by KPMG but by these third parties.  

Our website also uses the LinkedIn Insight Tag for conversion tracking. The LinkedIn Insight Tag is a tool provided by LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland. To enable this conversion tracking, the LinkedIn Insight Tag is integrated into our website and LinkedIn places a cookie on your device. LinkedIn learns that you visited our website, and we collect your IP address. We also retain time stamps and events such as page views. This enables us to statistically evaluate the use of our website so that we can continuously optimise it. For example, we can find out which LinkedIn ad or interaction brought you to our website. This information allows us to optimise our ad displays. 

For more information on conversion tracking, go to We would like to remind you that we may retain and process LinkedIn data in a way that allows it to be linked to the relevant user's profile. We would also like to remind you that LinkedIn may use the data for its own advertising purposes. For more information, please refer to LinkedIn's privacy policy at


Please refer to the privacy statements of YouTube, Google and DoubleClick 



The following link allows you to stop LinkedIn from analysing your usage behaviour and showing you interest-based recommendations:






What are your rights? 

You have the right to access your personal data. In addition, you have the right to modify and delete your personal data, to restrict its use, to object to certain processing operations and to transfer your personal data. 
You may ask to exercise your rights described here by contacting We will be required to verify your identity, however. We may therefore request additional information from you to establish your identity. 

If you have created a KPMG & Me Dashboard, you can also exercise some of these rights yourself, for example by modifying your data on the KPMG & Me Dashboard yourself, or by deleting the KPMG & Me Dashboard. 

Do you have any questions or complaints? 

KPMG is committed to safeguarding the privacy and confidentiality of information entrusted to it. If you have a request or question regarding the processing of your personal data or if you wish to object to it, please email your comment, question or objection to
KPMG has appointed a Data Protection Officer. You can also send an email to our Data Protection Officer at if you have any questions and requests related to the processing of your personal data. 
You may also file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at any time. 

Changes to this privacy statement 

KPMG may update this Online Privacy Statement from time to time. Whenever we make any change to it, we will also change the "Last modified on" date stated at the top of this page. We will then also provide a brief summary of the main changes compared to the previous version. 
Wherever this Online Privacy Statement refers to "KPMG", "we", "our" and "us", this is a reference to KPMG N.V. and its subsidiaries