In a world where data protection regulations are becoming increasingly complex, it is crucial to stay on top of things and understand the key aspects. In this interactive webinar we will:

• The introduction to the Swiss Data Protection Ordinance and the revised Data Protection Act (nDSG).
• General data protection management in your company (data protection manual, list of processing activities, contracts, technical and organisational measures (TOMs). 
• Practical measures (DSM tool) to fulfil the requirements of the Federal Data Protection and Information Commissioner (FDPIC).

Our team of experts will provide you with practical insights and solutions to help you optimise your data protection strategy and run your company successfully.

New Swiss Data Protection Act

The new Swiss Data Protection Act (nDSG) has been in force since 1 September 2023 and all Swiss companies have had to comply with data protection requirements since this date. In particular, the law introduces new information, documentation and reporting obligations.

One important innovation concerns extended information obligations. Companies must provide certain minimum information, such as the identity of the controller, the purposes for which the personal data is processed, the recipients of the data transfer and the security guarantees for data transfers abroad. This information should be precise, transparent and easily accessible.

In the event of data breaches that pose a high risk to data subjects, companies must report the incident to the Federal Data Protection and Information Commissioner (FDPIC) as quickly as possible. Data subjects should also be informed as quickly as possible. Fines of up to CHF 250,000 can be imposed for breaches of data protection obligations. In this case, natural persons are held responsible and penalised.

The nDSG also contains provisions on breaches of the duty of care, the maintenance of a processing register, the handling of sensitive personal data and high-risk data processing as well as privacy by design and privacy by default. It is recommended that a data protection advisor be appointed to monitor compliance with data protection regulations and advise companies on data protection issues. External support can be utilised to effectively implement the requirements.

Individuals have the right to obtain information about the data concerning them. Companies must provide certain information, such as the recipient of the data and the purpose of the data processing. Individuals also have the right to request their data in a commonly used electronic format. The right to erasure, blocking or rectification of data also exists. Companies should therefore establish processes for the efficient deletion of data that is no longer required.

We will address these points in our webinar. We will be happy to help you with the implementation and fine-tuning of measures to adapt your company structures to the (new) legal data protection regulations. We will also be happy to advise you without obligation in an initial meeting (e.g. TelCo) on pragmatic and uncomplicated solutions that will make your data protection much easier and definitely save effort and costs.

Data security and IT security

The cornerstones of secure IT operations are the maintenance and support of the hardware used and software that is already compliant with data protection regulations by default or by design. As a flying supporter with over 20 years of experience, we have a great deal of expertise in all areas of the IT solutions used today. In this webinar, we will also be happy to show you tried-and-tested and simple solutions for ensuring well-maintained hardware and software and for securing your IT network and all mail traffic. Let us surprise you.