Changes to Swiss data protection: privacy-by-design for your company

In April 2020, Switzerland revised its Data Protection Act (DPA), significantly strengthening data protection for individuals. As of 1 September 2023, these changes will apply. For you as a business owner, this means that you now have to comply with the revised regulations. Subsequently, we will explain the changes and what they mean for businesses. 

The changes

A brief overview of the changes: 

1. Stricter information requirements 
   • Companies must inform data subjects more comprehensively and understandably about the processing of personal data. 
2. Expansion of data subject rights
   • Individuals are entitled to receive their data in a structured, machine-readable format and to transfer it to another controller. They may also revoke their consent to data processing at any time without giving reasons.
3. Data Protection Officer
   • Companies and organizations that entrust more than 20 persons with the processing of personal data must now appoint a data protection officer.
4. Higher fines
   • Switzerland has also increased the fines for violations of the Data Protection Act. Companies must pay up to CHF 250,000 when they violate the guidelines.

As a business owner, you sure want to protect the privacy of your customers and make their data less vulnerable. However, you probably also want to avoid exorbitantly high fines.

The easiest way to do both is to follow the Privacy-by-Design principle in your business:

What does Privacy-by-Design mean?

Privacy-by-Design is an innovative approach that integrates privacy and security features into the design of products and services. You implement data protection measures and principles in the project planning and development phase. The idea behind this is to prevent potential data privacy problems early. Your company thus reduces the likelihood of data privacy breaches and avoids high costs and legal consequences.

The twelve steps for your company

There is still plenty of time before September! Start the adaptation process in your company now and begin implementing the following twelve measures:

• Review and adapt privacy statements.
• Adapt or create data processing policies.
• Create a data processing directory.
• Develop a fast-track procedure for data subject inquiries.
• Establish a data breach notification process.
• Establish a process for data protection impact assessments.
• Analyze contracts with subcontractors and insert appropriate clauses to establish data security.
• Ensure deletion or anonymization of data.
• Examine the transfer of data to other countries.
• Warrant data security through proper measures.
• Guarantee the release of data in electronic form.
• Appoint a data protection advisor and publication of accessibility.

Data is crucial in all companies, whether in documents with business partners, job applications, or contracts. Privacy-by-Design offers security for all parties involved in the business world.

How Privacy-by-Design works for your business:

• Minimizing data collection to what is necessary.
• Anonymizing or pseudonymizing data when possible.
• Using end-to-end encryption to protect data.
• Creating a privacy policy that clearly explains the collection and use of data
• Involving privacy experts to ensure implementation of privacy-by-design principles.

Privacy-by-Design solutions

Benefit from the change in privacy law. Implement privacy policies and internalize the privacy-by-design approach in your company, and signal to the outside world that you value the trust and loyalty of your customers and handle their data responsibly. Studies show that companies that gain the trust of their customers are more successful in the long term than those that neglect to do so. Retain your customers in the long term and strengthen your company’s image. 

Keep this in mind when looking for new solutions for your business processes. Use a solution like Certifaction, which has been developed according to the privacy-by-design approach and meets the highest privacy and security requirements, as well as offering all eSignature standards, then you are already on the fast track.

The eSigning solution has data protection as a top priority while increasing the efficiency of your business operations, with an intuitive user interface that your employees can confidently use in minutes. Topped off with easy integration options via API and custom design adjustments, the tool has everything you need for the future of contract processes.

Feel free to contact us with any questions.