The new Swiss Data Protection Act comes into force on the 1st of September without any further transition period. This means that all companies in Switzerland must be ready to comply with the new requirements by September 1st.
The new Swiss data protection law provides clear guidelines on how personal data must be handled. However, many businesses and organizations are not fully aware where and what their customer data is being collected. Do you know all the sources of customer data that you collect in your company?
Customer data including digital personal data is not only collected through your website and marketing platforms, but also through online and offline systems, tools and interfaces. In addition, different departments such as marketing, communications or IT are involved, all using their respective tools, which in turn store customer data in different servers in potentially multiple countries.
Data Privacy Readiness in 5 Steps
We have put together a 5-step plan to help you ensure data privacy readiness in your organization.
Data Scheme for Data Protection
Through the first three steps, you will create a data scheme: The first step is to pinpoint and classify the tools, platforms, and third parties that you are using to collect personal data. Next, you analyze how the personal data is used in these tools. Then, in the third step, you check whether data protection requirements are met in your individual tool setup.
These three analyses are summarized in the data scheme.
Creating a comprehensive data concept is complex and time-consuming. Do not limit yourself to the data you collect on the website or in marketing, but create a clever data management with a well thought-out data scheme.
Implementation
Once you’ve created the data scheme, it’s on to identifying the shortcomings and evaluating where a tool setup can be adapted and where you need a new tool or software.
Finally, the fifth step is implementation: you change the setup of existing tools and roll out new software where necessary.
Once you’ve gone through all five steps, you’re ready for the new Swiss data protection law. So make sure to plan enough time to complete all the steps before the 1st of September!
As required by the new data protection law, you will have your data processing procedures in a processing directory and thus have a good overview of the data-collecting systems.
And remember, it’s not always easy to figure out which tools or systems are now collecting or storing personal data.
With our experience in creating data schemes, we know exactly where to look to gather the right information and track down the tools. We can create a data scheme for your business that includes all the data affected by the data protection requirements, and that also contains recommendations on how you should adapt your individual setup. Contact us for a non-binding consultation to assess your organization’s needs.