Data Protection

We support companies and individuals in complying with the Federal Data Protection Act (FADP) and, where applicable, the General Data Protection Regulation (GDPR). Our support covers the design and review of personal data processing according to the principles of privacy by design and by default, the implementation of appropriate governance, as well as the management of requirements relating to international transfers, purpose limitation, retention periods or data security. We are also involved in digitalization, outsourcing and artificial intelligence projects.

We represent our clients in disputes relating to data protection and personal rights. This includes the exercise of access rights, breaches of privacy (particularly online, such as defamation or unauthorized publication), cybercrime (e.g. data theft or leakage), as well as proceedings before the Swiss Federal Data Protection and Information Commissioner (FDPIC).

We draft and revise internal documents relating to the management of personal data: privacy policies, internal directives on data retention, the use of IT tools or artificial intelligence solutions, and specific contractual clauses on data protection.

We assist companies in the event of incidents involving personal data – particularly cyber attacks or security breaches – and support them in implementing the required technical and organizational measures. We also manage communication obligations towards the relevant authorities (FDPIC, FINMA) and data subjects.

We offer in-house data protection training, tailored to the needs of our customers and the specificities of their business sector.