If you are actively involved in online marketing and web analytics in Switzerland, you should certainly be preparing for the new Swiss data protection law, which will come into effect in September 2023.
As a reminder of this important date, we have summarized the most important information for you:
The new Swiss Data Protection Act
The new Swiss Data Protection Act will come into force on September 1, 2023. After having been postponed multiple times, we can expect that this date will be kept. The contents are already publicly known, and Switzerland’s new data protection law will be similar to that of the EU. That being said, it is not yet clear how the recommendations of the FDPIC (Federal Data Protection and Information Commissioner) will look in detail or how they will be implemented. In any event, there are certain pre-emptive measures that you can start implementing already.
- Create a data scheme to document all data processing activities.
- Implement a cookie consent solution that is flexible and easily adapted in order to be able to react to any changes in the legal situation.
- If you address potential customers abroad, especially in the EU, via your website, adapt your cookie consent solution for these visitors to the EU’s General Data Protection Regulation.
- In Switzerland, with the current data protection law, no fines can be issued and cookies can be set by default for the first session. Nevertheless, we recommend giving all users the option to reject cookies and thus respect the privacy of your web visitors.
- Through the new Swiss Data Protection Act, a fine can be issued if you are collecting user data without consent. This means that, by September 1st at the latest, you will need to implement a cookie consent solution that can be configured to comply with the new law.
- Make sure you have processes in place in case of deletion requests from your customers or requests to get insight into the collected data.
In addition, under the new Swiss Data Protection Act, any fines will only be imposed on individual persons, i.e. the responsible management, and not on the companies themselves. Thus, managing directors should have a great interest in complying with the data protection law.
If you would like advice or support in implementing a suitable cookie consent solution, we would be happy to assist you.