Services

SERVICES

Targeted and customized consulting services in the field of Privacy

A network of qualified and certified professionals that provides 360-degree tailored, high quality assistance in the field of Data Protection (GDPR) and Swiss Federal Act on Data Protection (FADP), as well as in the field of European and Global Data Protection Law.

DATA PROTECTION

Consultancy | Representation | Training

Consultancy
Representation
Training

Preliminary Assessment

It aims to monitor and evaluate the impact on the Swiss Federal Act on Data Protection (FADP) and on the General Data Protection Regulation EU GDPR 2016/679.
After assessing the data processing operations carried out by the client company, a short checklist will be provided, so that the Data controller can have a complete picture of the impact of the rules on the processed data.

Legislative audit on safety procedures

A security audit can be defined as a systematic assessment of the safety of the company information system aimed at verifying its compliance by taking into account a series of criteria laid down in the legislation.
Privacy Desk Suisse carries out auditing activities to check compliance with the Swiss Federal Act on Data Protection (FADP) and the General Data Protection Regulation (GDPR) as regards safety measures (Art. 32 GDPR), taking into account the Data Protection Law and the best practices of the Supervisory Authorities.

Data Protection and Privacy consulting services (FADP| GDPR | CCPA)

This service aim to draw up a Privacy Organisational Model with reference to data processing by means of a number of documents that enables the Data Controller and/or the Data Processor to prove accountability with regard to FADP and GDPR.
More specifically, they consist of:
  • Drawing up and updating information notes for data subjects;
  • Conducting CRM and DB Data analysis according to the principles of “Privacy by design” and “Privacy by default”;
  • Mapping safety measures;
  • Defining Privacy roles and responsibilities both internally and externally;
  • Establishing relationship with Data Processor and monitoring the relevant Data Protection activities;
  • Creating and updating GDPR Records of Processing Activities;
  • Providing assistance in signing Data Transfer Agreements (DTA) by means of Standard Contractual Clauses;
  • Carrying out verification/controls of the website and of information notes for the users, as well as providing advice on cookie policies;
  • Drawing up Data Privacy Impact Assessment (DPIA) | Impact assessment;
  • Providing assistance in managing data subjects’ requests and Data Protection Authorities’ requests;
  • Submitting prior checks to the Swiss Federal Commissioner and to the European Data Protection Authorities.

Personal Data breach management

In order to comply with articles 33 and 34 of EU General Data Protection Regulation 2016/679 (GDPR) and the soon-to-be-adopted new Swiss Federal Act on Data Protection (FADP), the Data Controller is required to properly manage all personal data breaches (such as, for example, phishing, cryptolocker attacks, hacking in general, errors in sending confidential communications) and to note any personal data breach and the relevant measures adopted in dedicated registers.  
Our consultants will write an individually tailored Data Breach Policy which allows the involvement of the Data Processors and, if appointed, of the DPO. In addition to that, a special register for data breach recording will be set up.

Continuous coaching in the field of Privacy and Law

Continuous and prompt assistance and coaching to the Data Protection Representative or to the Data Protection Officer in your organization: this may occur via telephone calls, e-mails and/or on line meetings, for any Data Subject Access Request received by the company and, in general, for Privacy or Data Protection issues.

Privacy Management Software and document repository

We use IT tools in web-app mode enabling us to provide services that are always kept up-to-date with the changes and developments in the General Data Protection Regulation (GDPR) and Swiss Federal Act on Data Protection (FADP). We provide you with modules focusing on GDPR Records of Processing Activities, Risk analysis, Data Privacy Impact Assessment (DPIA), Roles and Responsibilities, Personal Data Breach Management and response to data subjects.
It is possible for our customers to store their corporate records relating to Data Protection and Privacy in a dedicated encrypted cloud archive.

DPO service | Data Protection Consultant

The Data Protection Officer | DPO, or the “Data Protection Advisor” |DPA, as the Swiss Federal Act on Data Protection (FADP) refers to this role, is a professional who must have legal, IT, risk management and process analysis skills and competencies.

The primary goal and responsibility of a DPO (or of a DPA in Switzerland) is to observe, assess and organize the personal data processing activities (and, as a consequence, the data protection) within a company, so that the data can be processed in compliance with national and EU legislation.

Furthermore, the Data Protection Officer represents the point of contact of the company with the Supervisory Authority and the data subject.

Privacy Desk Suisse offers a service contract and a team of professionals with proven experience that will carry out all those tasks on behalf of the customer in order to comply with FADP and GDPR.

We also provide our customers with a consulting service for their internal DPO.

Appointment of the Data Protection Representative in Switzerland and in the European countries

The Swiss Federal Act on Data Protection (FADP), which is currently undergoing revision in order to be fully aligned with GDPR and international privacy laws, imposes obligations on foreign companies, that have no operating office in Switzerland and process personal data of Swiss citizens when providing them with goods or services, to appoint their own representative with head office in the Swiss Confederation.

The same obligation to appoint a representative in one EU country applies to Swiss companies in the private sector that process personal data relating to data subjects in the European Union and whose data processing activities are linked to the sales of goods or provision of services to these data subjects in Europe (Art. 27 GDPR).  

Privacy Desk Suisse offers a service contract to take the role of Representative in the European Union for Swiss companies operating in the EU as well as of Representative in Switzerland for foreign companies operating in the Swiss Confederation.

Tailor-made newsletters to monitor new laws or changes to regulations on Privacy

We regularly send newsletters about legislative updates and any new measure taken by the European Supervisory Authorities, by the European Data Protection Board and by the Swiss Federal Data Protection and Information Commissioner (FDPIC).

Custom-made and on-line training courses

Vocational training plays a fundamental role when it comes to complying with Data Protection and Privacy regulations, both in the private and public sector.

Today it is of utmost importance to create a real Privacy culture within your organization. Vocational training is also an important element of accountability: it must be therefore understood that, in case of an inspection, training programmes for persons in charge of data processing and persons authorized to process the personal data might be verified.

Privacy Desk Suisse has always been at the forefront in its continuous effort to support its customers in the best possible way and has now organized live training webinars that allow you to attend high-level training courses on line and not in a face-to-face seminar. During our on line training courses taught by our experts you will always have the opportunity to interact with the teachers.