Privacy & ICT Law

Helping your business grow and manage legal risk

We provide efficient and effective solutions to minimize compliance risks inherent to the handling of personal data as well as digital transformation and ICT initiatives.

You benefit from our strong legal expertise and international network and gain direct access to PwC experts in cybersecurity, technology, transformation management and audit.

Our offering

Amidst digital transformation as well as increasing regulation, compliance with data protection and ICT laws has become a complex and ongoing endeavour – today’s must-have to remain competitive in the market.

We offer a comprehensive range of services with a focus on data protection and digital transformation as well as information and communication technology (ICT).

With our experience and expertise, we are a trusted partner for your national and international stakeholders.

We help you to comply with applicable regulations in a business-as-usual way. In particular, we provide a unique set of tools to ease your compliance journey as well as analytical solutions to assess your data protection governance.

 

 

The next great frontier for boards is unknown legal compliance risks. We have to understand such risks as well as we do strategy.

Dr. Idir Laurent Khiar Privacy & ICT Law, PwC Switzerland

Explore our services

Our team has a long history in advising clients on legal compliance challenges concerning business activities involving personal data, digital transformation as well as ICT initiatives. It operates as trusted external legal advisors and management consultants for a range of clients in the private and public sector.

Legal advice

Are you a Data Protection Officer (DPO), Legal Counsel or an IT Security Officer (CISO) looking for a trusted advisor or sparring partner in matters of privacy and ICT law? Are you founding a data-driven start-up, designing a new business model or leading a digital transformation initiative? We support you with hands-on advice on legal compliance and assist you with designing legally viable solutions.

  • Legal advice on data protection laws (focus on GDPR and Swiss Data Protection Act), including sector-specific privacy and ICT legislation
  • Customised privacy-related agreements: Support during negotiations with external service providers (processors), drafting or review of data processing or data transfer agreements
  • DPO-coaching: Solving organisational or governance issues, conducting necessary reporting, solving independence challenges
  • Assistance with regard to data subject rights
  • Support on all aspects of Data Protection Impact Assessment (DPIA), customised DPIA guidance, review of and second opinions on DPIAs
  • Support on all aspects of Legitimate Interest Assessment (LIA), customised LIA guidance, review of and second opinions on existing LIAs
  • Customised privacy best practice guidance: App development, personalisation, web-analytics, services to children and youth, data-driven R&D, data analytics, marketing and social media, cloud computing, IoT services, etc.
  • Vendor selection: Advice on privacy management tools, business software solutions, cloud providers, etc.
  • Legal advice for business development: Innovative service offerings, digital transformation initiatives, platform economy solutions

Compliance assessments

Do you question whether you comply with all the necessary legal and regulatory requirements? Do you doubt the necessity of proposed compliance measures? Have you recently implemented a privacy compliance project and are wondering whether everything has been addressed? We support you with a set of tested tools and analytical concepts:

  • Independent assessment
  • GAP analyses
  • Social media check

Regulatory affairs

Are you concerned about the expanded investigative and enforcement powers of data protection supervisory authorities? Are you concerned about how to give notification of a data protection breach or answer requests from supervisory authorities? We support you with our experience in regulatory affairs:

  • Drafting and implementing a data protection regulatory strategy
  • Support during Binding Corporate Rules (BCR) negotiations
  • Client support in case of regulatory requests and investigations
  • Breach investigations and notifications (together with PwC’s forensics experts)
  • Communication support and management

Data protection implementation

Do you have to comply with data protection legislation (e.g. GDPR, FADP, ePrivacy)? Do you lack a proper compliance architecture? Are you concerned about establishing records of processing activities – do you lack knowledge or resources?

We support you with:

  • Implementation: Based on our experience with comprehensive GDPR and FADP implementation projects, we are best positioned to assist you with your compliance journey. This covers e.g. records of processing activities, drafting privacy policies as well as privacy notices and necessary processes. We provide you with relevant standards and guidelines, conduct or support you with DPIAs, define future DPO function and shape your privacy governance.
  • Records of processing activities: We provide experienced on demand support for establishing records of processing activities.

Support for business development

Do you develop a new or innovative service offering for clients? Are you a start-up? Do you plan a digital transformation initiative? Are you heading towards a platform economy solution?

We support you with the necessary legal advice:

  • Legal viability: Thanks to our experience and unique business insights, we are best positioned to assist you in realising your ambitions and reaching your goals when facing questions at the intersection of business, technology and law.
  • Complying with Privacy by Design & by Default: We help you to elaborate new business models and design innovative services and products, which comply with key data protection principles.
  • Platform economy solution: Learn more about our services: “Your successful journey to the platform economy”

LegalTech solutions

Are you looking for a data protection compliance management solution? Do you need data pseudonymisation, anonymisation or encryption software? Are you interested in innovative and effective compliance training tools?

With our LegalTech partners, we are able to provide tested and efficient tool solutions in the field of legal compliance as well as privacy enhancing and preserving technologies (PETs).

Policy consulting & research

Would you like to better understand the impact of legislation on your business? Would you like to act as a thought leader in your sector and actively shape public policy and regulatory developments?

By integrating our legal, subject and methodological knowledge, we support you with:

  • drafting sector-specific position papers on public policies and draft legislation
  • performing studies on public policy measures and regulatory initiatives
  • conducting regulatory impact assessments
  • communicating with stakeholders

Platform economy solutions

Do you aim to reinvent or innovate your business and challenge your peers? Do you want to monetise data by acquisition and sharing as well as analytics? In essence, do you plan to move to the platform economy?

We support you on your journey to the platform economy. Learn more about our services: “Your successful journey to the platform economy”


Our service packages

Our subject-based and standardised service packages are designed to meet your needs and provide you with the comfort of expert advice as well as tested tools. Our service packages help you to grow and protect your business.

Check & Implementation

Since May 2018, the European General Data Protection Regulation (GDPR) applies to companies both in and outside the EU. Furthermore, the Swiss Federal Act on Data Protection (FADP) is current being revised. Our standardised Data Protection "Check & Implementation" package helps you to tackle the challenges related to these new laws. Please contact us to explore our service package in more detail.

Mergers & Acquisitions

The accountability principle stipulated in the EU General Data Protection Regulation (GDPR) requires companies to diligently review potential acquisition targets from a data protection law perspective. With our Mergers & Acquisitions package, we help you to avoid legal risks related to data protection law and M&A. Please contact us to explore our service package in more detail.

Employment & Data Protection Law in HR

People Analytics and the digital transformation open new opportunities for employers to gain insights from employee data. In the meantime, applicable Data Protection & Employment Laws must be considered when employee data are being processed. Our Employment & Data Protection Law package covers a broad range of services, including standardised assessments. Please contact us to explore our service package in more detail.

The keys to efficient and effective legal compliance and risk mitigation are knowledge, insights and the people you choose to assist you.

Susanne HofmannHead Legal Compliance and Privacy & ICT Law, PwC Switzerland

Contact our experts

Please reach out to us with your request.

 

Contact us

Susanne Hofmann

Susanne Hofmann

Leader Privacy & ICT Law/Legal Compliance | Legal | Director, PwC Switzerland

Tel: +41 58 792 17 12

Dr. Idir Laurent Khiar

Dr. Idir Laurent Khiar

Head Privacy & ICT Law | Legal | Senior Manager, PwC Switzerland

Tel: +41 58 792 17 51

Hide