At Partenaires de Comptabilité Générale au Luxembourg Sarl (PCG), the protection of your personal data and respect for your privacy are absolute priorities. As an accounting firm that processes sensitive information for its clients on a daily basis, we are fully aware of the importance of confidentiality and data security.
This Privacy Policy explains in a transparent and detailed manner how we collect, use, store and protect your personal data when you visit our website pcglux.lu, use our contact forms, or engage our professional services.
We are committed to strictly complying with all applicable regulations relating to the protection of personal data, in particular the General Data Protection Regulation (GDPR) and Luxembourg legislation. We implement all necessary technical and organisational measures to ensure the security of your data and the protection of your rights.
We invite you to read this Privacy Policy carefully in order to understand how your data is processed and how you can exercise your rights.
1. Data Controller
The controller of your personal data is:
Partenaires de Comptabilité Générale au Luxembourg Sarl
Registered office: 108 rue de l’Alzette, L-4010 Esch-sur-Alzette, Grand Duchy of Luxembourg
RCS number: [To be completed]
Email: pcg@pcglux.lu
Telephone: [To be completed]
For any questions relating to the protection of your personal data or to exercise your rights, you may contact us at the following email address: pcg@pcglux.lu
2. What personal data do we collect?
2.1. Data collected via contact, quotation and appointment forms
When you use our contact, quotation request or appointment booking forms, we collect the following data.
Mandatory data:
– Title (Mr/Ms)
– Last name
– First name
– Email address
– Telephone number
– Subject of your request / Message
Optional data (depending on the form):
– Company name
– Status (company / entrepreneur / individual)
– Number of employees
– Expected turnover
– Defined budget
– Services you are interested in
– Availability to be contacted
– Preferred contact method (telephone / email)
2.2. Browsing data
When you visit our website, certain technical data is automatically collected:
– IP address
– Browser type and version
– Operating system
– Pages visited and duration of visits
– Date and time of connection
– Referring URL (website from which you accessed our site)
This data is collected via server log files and does not allow you to be identified directly.
2.3. Data collected via cookies
For more information about the cookies we use, please consult our Cookie Policy.
2.4. Data collected in the context of our services
If you become a client of PCG, we collect and process the data necessary for the performance of our accounting, tax, payroll, legal and advisory services, including in particular:
– Identification information (last name, first name, date of birth, nationality, address)
– Contact details (postal address, email, telephone)
– Professional information (company, position, sector of activity)
– Financial and accounting data (depending on the nature of our services)
– Social security number (for payroll and social services)
– VAT number and tax registration numbers
– Bank details (for invoicing and payments)
– Any other data necessary for the performance of our legal and contractual obligations
3. Why do we collect your personal data? (Purposes and legal bases)
We collect and process your personal data solely for specific, explicit and legitimate purposes, in accordance with the GDPR.
3.1. Processing of contact, quotation and appointment requests
Purpose: To respond to your requests for information, prepare a personalised quotation, and schedule an appointment.
Legal basis: Pre-contractual measures taken at your request (Article 6(1)(b) GDPR).
Retention period: 3 years from your last contact, unless you become a client.
3.2. Performance of our services
Purpose: To provide the accounting, tax, payroll, legal and advisory services you have ordered.
Legal basis: Performance of a service contract (Article 6(1)(b) GDPR).
Retention period: Duration of the contractual relationship + 10 years in accordance with Luxembourg legal obligations.
3.3. Compliance with legal and regulatory obligations
Purpose: Compliance with our legal obligations as an accounting firm (anti-money laundering, accounting record retention, etc.).
Legal basis: Legal obligation (Article 6(1)(c) GDPR).
Retention period: Minimum 10 years.
3.4. Customer relationship management
Purpose: Managing our commercial relationship, informing you about our services, and improving our offerings.
Legal basis: Legitimate interest (Article 6(1)(f) GDPR).
Retention period: 3 years after the end of the commercial relationship.
3.5. Website improvement
Purpose: Analysing website usage to improve performance and user experience.
Legal basis: Legitimate interest or consent, depending on cookie type.
Retention period: Maximum 13 months for analytical cookies.
3.6. Defence of our rights
Purpose: Establishing, exercising or defending legal claims.
Legal basis: Legitimate interest (Article 6(1)(f) GDPR).
Retention period: Duration of proceedings plus applicable limitation periods.
4. Who has access to your personal data?
Your personal data is processed only by authorised personnel within PCG, in accordance with the “need-to-know” principle.
4.1. Internal recipients
– Administrative and accounting staff
– Chartered accountants and consultants responsible for your file
– PCG management
– IT department (technical maintenance)
4.2. External recipients
In the context of our services and legal obligations, your data may be communicated to:
– Luxembourg tax and social authorities (ACD, AED, CCSS, IGSS, RCS, CSSF, CRF)
– IT and hosting service providers (EU-based servers)
– Email service providers
– Professional subcontractors (auditors, lawyers, notaries, experts)
– Banks and insurers
– Judicial authorities, if legally required
4.3. Transfers outside the EEA
Your personal data is stored and processed within the European Economic Area (EEA). In principle, no transfers outside the EEA are carried out. If such a transfer were to occur, appropriate safeguards would be implemented in accordance with the GDPR.
5. How long do we retain your data?
Your personal data is retained only for as long as necessary for the purposes for which it was collected and in compliance with legal requirements.
| Type of data | Retention period |
|---|---|
| Contact / quotation requests (non-converted prospects) | 3 years from last contact |
| Client files (accounting, tax) | Relationship duration + 10 years |
| Accounting and tax documents | Minimum 10 years |
| Service contracts | 10 years after contract end |
| Invoices and accounting records | 10 years |
| Browsing data (server logs) | Maximum 12 months |
| Analytical cookies | Maximum 13 months |
| Commercial correspondence | 5 years |
| Litigation-related documents | Duration of litigation + limitation period |
6. How do we protect your personal data?
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration or disclosure.
6.1. Technical measures
– Secure hosting within the EU
– HTTPS/SSL encryption
– Regular secure backups
– Firewalls and intrusion detection systems
– Software and security updates
– Antivirus and anti-malware protection
– Strong authentication controls
6.2. Organisational measures
– Restricted access based on authorisation
– Strong password policies
– Confidentiality clauses in employment contracts
– Staff training and awareness
– GDPR-compliant subcontracting agreements
– Data breach management procedures
– Clean desk and secure document destruction policies
7. What are your rights?
In accordance with the GDPR and Luxembourg law, you have rights of access, rectification, erasure, restriction, portability, objection, consent withdrawal and post-mortem directives.
8. Right to lodge a complaint
You may lodge a complaint with the Luxembourg supervisory authority:
– Commission Nationale pour la Protection des Données (CNPD)
– 15, boulevard du Jazz, L-4370 Belvaux, Luxembourg
– Email: info@cnpd.lu
– Website: https://cnpd.public.lu
9. Personal data of minors
Our services are intended for adults only (18+). We do not knowingly collect data relating to minors without parental consent.
10. Changes to this Privacy Policy
We reserve the right to modify this Privacy Policy at any time. Any changes will be published on this page.
11. Contact
By email
pcg@pcglux.lu
By post
Partenaires de Comptabilité Générale au Luxembourg Sarl
108 rue de l’Alzette
L-4010 Esch-sur-Alzette
Grand Duchy of Luxembourg
By telephone
[To be completed]