In today’s world, protecting personal data through a robust data protection organization and governance is “key”. In fact, significant consequences arose for companies (including Swiss) upon the entry into force of the EU General Data Protection Regulation ("GDPR") in May 2018. Many countries globally have followed this regulatory trend.
In Switzerland, the revised Swiss Data Protection Act ("DPA") is expected to apply from 1. September 2023. Compared to the current DPA, the revised DPA will entail significant tightening of the law. In many respects, the revised DPA aims to align with the regulation in the European Union, but some aspects differ from the GDPR ("Swiss Finish"). Notably, under the DPA, natural persons acting on behalf of a company (as the responsible party) may be personally liable to prosecution. Swiss companies should therefore review their existing data protection framework, carefully analyze the “gaps” to the revised DPA and take the necessary measures timely, in order to be DPA-ready on September 1, 2023.
Data protection laws require the ability to identify, control and react to data protection risks.
Your company can achieve a "gold standard" in handling personal data and builds trust with customers.
With our experience and expertise in data protection and ICT law, we are the partner of choice both for setting up your data protection organisation and for specific data protection and ICT law concerns. Thanks to our coordinated support, complex regulations become conceivably simple.
Do you want to know how to prepare for the implementation of the revised FADP? Find all the relevant information here in our data protection blog series.
Supervisory Board and Management Board nowadays want to know, whether their data protection management system is robust enough and whether the staffing is appropriate. The aim is to understand the risk exposure and maturity towards the market.
Data protection laws require the ability to identify, control and react to data protection risks, including clearly defined data protection roles and responsibilities. We will develop a data protection management system that enables you to govern your organisation.
With a planned cloud migration, data protection considerations arise, especially in connection with cross-border data transfers. In regulated industries, regulatory requirements (e.g. FINMA) and industry standards are also relevant. In addition, professional secrecy considerations arise.
A significant impetus of global data protection laws is the need to conduct DPIAs to help identify and minimise data protection risks which a new process, technology, system or device might have on an individual.
Companies (“controllers”) that entrust another company with the processing of personal data (“processors”, e.g. supplier) must ensure by contract that the entrusted company takes appropriate technical and organizational measures to protect the data.
Also in case of joint controllership, there may be a legal obligation (or other sound reasons) to contractually regulate the respective obligations and rights with respect to the personal data.
Data protection is not only a regulatory requirement, but can also be pursued as a strategic approach and thus contribute to the business success of a company:
We would be happy to support you in using data protection as a strategic tool for business success in your company.
The legal services offered by Cyberlaw provide a 360° protection framework for companies, institutions and individuals.
All companies across industries are susceptible to a cyber security incident that can arise from insider, e.g. employees or contractors or outsiders, e.g. competitors or governments.
Attacks on information and communications technology (ICT) systems have significantly increased since the beginning of the pandemic. Swiss companies have also recently been more and more affected across all sectors. In this context, regulatory and legal aspects of dealing with ICT risks are becoming increasingly important. In this context, digital workplace design is of great importance. Please find out here how we can help your company to protect your modern workplace.
All companies across industries are susceptible to a cyber security incident that can arise from:
Data protection is not only about being compliant with the law. It is also about building trust as a company vis-a-vis your stakeholders, clients and employees.
Partner Legal, PwC Switzerland
Tel: +41 58 792 18 56
Senior Manager | Data Privacy | ICT | Implementationᐩ, PwC Switzerland
Tel: +41 58 792 47 59
Director | Head of FinTech, Blockchain and Digital Assets, PwC Switzerland
Tel: +41 58 792 92 24
Associate | Data Privacy | ICT | Implementationᐩ , PwC Switzerland
Tel: +41 58 792 44 00
Trainee | Data Privacy | ICT | Implementationᐩ, PwC Switzerland
Tel: +41 58 792 49 64