Data protection

The processing of personal data and the protection of such data is a current issue that concerns us all, either because we process other people’s data or because data concerning us are being processed by third parties.

The relevant regulations are tending to become stricter, particularly in view of the entry into force of the EU General Data Protection Regulation (GDPR) and the Swiss legislation which is currently under revision.

Both public authorities and private companies – in particular in their relation with employees, customers and service providers – must ensure that they comply with data protection rules, including by implementing the necessary technical and organizational measures

Our firm has the necessary skills to assist you in your compliance, to draft or review appropriate social regulations (e.g. confidentiality policy, retention policy, etc.) and any contractual clauses relating to data protection. We assist you, among other things, in determining and setting up the necessary organizational and technical measures. We advise you on questions relating to specific data processing operations.

Our firm is also able to advise and assist you in exercising your rights against third parties.

Specific skills

Assistance in the context of compliance (LPD, GDPR, etc.)

Whether you are at the beginning of a project or during your company’s activities, it is important to question the data processing carried out and their compliance with legal standards.

Our firm provides you with useful and pragmatic support.

Drafting and revision of social regulations (confidentiality policy, conservation policy, etc.)

The drafting of social regulations on data protection requires first of all to clearly identify the processing operations carried out, the types of data processed and to determine whether the legal principles are respected in this context. Our firm assists you in this analysis in order to establish the regulations that will meet the requirements of the regulations that are applicable to you.

Advice specific to a particular data processing operation

Sending a newsletter, creating a customer file, transferring data to a third party, using cookies… These are just a few examples where data protection issues arise. Our firm has the necessary skills to advise you in the context of a particular data processing.

Drafting and revision of contractual clauses relating to data protection

When negotiating a contract, it is important to consider whether a data protection clause is necessary to protect your interests and those of third parties. Such a clause stipulates in particular which data are processed and for what purposes, whether outsourcing is allowed and under what conditions, what happens to the data at the end of the contract, etc. Legal provisions impose minimum requirements in contracts where there is a processing of personal data which must be respected.

Intervention as a DPO (data protection officer)

If you, as a company or authority, decide or are obliged to appoint a DPO, we can act as an external consultant, which has the advantage of guaranteeing independence and avoiding any conflict of interest.

Experience

•     Advice to companies on data protection in Switzerland and the European Union (GDPR), in particular with a view to bringing them into compliance
•     Drafting and review of data protection regulations, privacy policy, retention policy, etc.
•     Drafting and review of contractual clauses relating to data protection
•     Filing claim to the Federal Data Protection and Transparency Commissioner