Data Protection in Germany and in Switzerland
for companies, self-employed and associations
With the introduction of the General Data Protection Regulation (GDPR) on May 28, 2018, all European countries received a uniform specification for handling personal data.
This thoroughly desirable approach contains many opportunities and risks. Especially for small and medium-sized companies which have to fulfill the same requirements as globally operating corporations.
In addition to the European GDPR, Germany is also subject to the new version of the Federal Data Protection Act (BDSG New). In addition, there are the respective state data protection laws for the public sector.
Data protection MUST always be practiced, regardless of the size and number of employees of the company. These two factors are only decisive for the question of whether a data protection officer must be appointed or not.
Even if no data protection officer is required from a legal point of view, the management must ensure that the data protection requirements and processes are complied with.
On September 25, 2020, the revised Swiss Data Protection Act (DPA) was approved by Parliament. The DPA brings with it a number of innovations that can result in fines if disregarded. Therefore, it is now all the more important to be up-to-date on the topic of data protection in Switzerland as well. We are happy to help you with this!
Bis zum Inkrafttreten des revidierten DSG ist Unternehmen zu empfehlen, zunächst eine Bestandesaufnahme ihrer Datenbearbeitungen durchführen zu lassen. Anschliessend sorgt eine Gap-Analyse dafür den datenschutzrechtlichen Handlungsbedarf festzustellen. Dieser Vorgang ist zu empfehlen, auch wenn bereits DSGVO-Massnahmen im Unternehmen umgesetzt wurden, da es gewisse Unterschiede beim revDSG zu berücksichtigen gibt.
Designed for medium-sized businesses - Scalable to company size for companies, self-employed and associations
The machCon approach is tailored to small and medium-sized businesses. Data protection is not a daily business for small companies and therefore "only" runs alongside the actual work. By using proven and effective processes as well as an economical use of your internal resources, the goal of becoming data protection compliant can nevertheless be achieved quickly.
The GDPR can be seen as a reason to introduce a suitable data protection concept. This is not only important with regard to the impending penalties that can be imposed by the supervisory authorities, but also to show your own customers and partners that their data is handled with care and foresight in accordance with the law. No company wants to experience a PR disaster just because a laptop with customer data has been lost.
As a certified external data protection officer with many years of experience and mandates around Lake Constance and in Switzerland, machCon offers the following services to jointly make your company legally compliant in the area of data protection and IT security or to analyze and improve the already existing concepts and processes.
machCon - Data protection services:
- Data protection inventory
- Assignment as external data protection officer
- Review of existing data protection concepts
- Consulting activities in the area of data protection
- Trainings for employees and management in data protection
- Creation of a data protection management system
- Data protection officer and consulting for associations
- Implementation of the existing legal requirements of the DSGVO, BDSG-Neu, state data protection laws, and the Swiss DPA for your company or public institution
- Data protection law considerations for coworking spaces and start-ups
Any further questions?
We are happy to assist you personally with any further questions.