Would you like to deal with the complex issue of data protection as little as possible, not build up any technical expertise in the organization and still fully comply with the legal provisions of the Swiss Data Protection Act (DSG) and the European General Data Protection Regulation (GDPR)?
No problem. We take care of that for you and your company can concentrate on its core business.
External Data Protection Consultant and Direct Contact Person
It is not easy to keep track of the complex data protection regulations and to know the answers to the most diverse data protection questions. We have our data protection experts for this, who can optimally support you with their many years of experience from projects that have already been implemented.
As external data protection consultants or data protection officers, we take care of the data protection tasks and ensure tailored data protection solutions and their legally compliant implementation (DSG and/or EU-DSGVO) in your organization. This includes the implementation of the necessary technical and organizational measures, the training of employees (online training or on site). Furthermore, we are the central contact for the data controllers, the management and inquiries from third parties.
The service packages at a glance:
Category | Tasks and activities | Base | Standard | Premium | |
---|---|---|---|---|---|
Tasks and activities | Direct contact person for all data protection enquiries | Suitable staff including deputies will be provided. | |||
Tasks and activities | Reachability by e-mail | Response time max. 24 hours. | |||
Tasks and activities | Accessibility by letter post | Response time max. 24 hours after receipt of the letter. | |||
Tasks and activities | Mention in privacy policy and imprint | Name of the employee and contact details such as address and e-mail. | |||
Tasks and activities | Mention in the processing directory | Formulation of data processing in accordance with the DSG and DSGVO to the aforementioned extent. | |||
Tasks and activities | Checking and forwarding enquiries | Exchange with the person responsible for data protection in the company and/or management. | |||
Tasks and activities | Check privacy policy and imprint on the website | Consideration of the legal adjustments DSG and DSGVO for risk reduction (without online shop). | 1 x per year | 1 x per year | 1 x per year |
Tasks and activities | Status report to management and responsible persons in the company | Exchange with management on legal innovations, risks and requirements. | 1 x per year | 2 x per year | 2 x per year |
Tasks and activities | Access to online training | Online trainings are offered on a time and material basis. | |||
Tasks and activities | Information requirements | All data subjects must be informed in detail about the planned data collection and processing. | |||
Tasks and activities | Keep a processing register | Detailed information on the individual data processing operations in the company. We keep the processing directory and the exact wording. | up to 10 processings per year | up to 20 processings per year | |
Tasks and activities | Data protection impact assessment | Advice, support and monitoring for correct implementation, consultation with the data protection authority if necessary. | |||
Tasks and activities | Order processing: contract review and control | Assessment and effort estimation of the contract. | 1 Agent per month | 2 Agent per month | |
Tasks and activities | Draft retention and deletion concept | Enables the correct storage and deletion of personal data. | |||
Tasks and activities | Draft emergency concept in the event of a data breach | Enables quick assessment of the data protection breach and what to do. | |||
Tasks and activities | Draft data protection concept | Expected by customers and authorities. | |||
Tasks and activities | Entwurf Richtlinie Berechtigungsvergabe | Authorisation concept is necessary for the correct implementation of the requirements. | |||
Tasks and activities | Draft policy on the allocation of authorisations | Requirements and specifications to be met by the service provider. | |||
Tasks and activities | Entwurf Richtlinie Betroffenenrechte | The persons concerned have various rights which they can assert. | |||
Tasks and activities | Draft Data Protection Rights Directive | Definition of risks in data processing. | |||
Tasks and activities | Draft Guideline and Handbook on Data Protection | Management describes the implementation of data protection in the strategy. | |||
Tasks and activities | Process control Data protection | Process description of data protection. | |||
Tasks and activities | Conduct internal audits with report | Periodic audits are the best protection against non-compliance with data protection regulations. | |||
Tasks and activities | Human resources: various templates, fact sheets, checklists | ||||
We take over for you!
Interested? Do you still have questions about the service packages? We look forward to hearing from you and will process your enquiry as quickly as possible.
We take over for you!
GDPR and EU GDPR
Interested? Do you still have unanswered questions? We look forward to hearing from you and will process the request as soon as possible.
Data protection consultant and direct contact person
Fulfillment of the legal requirements for the activities of a DPO in accordance with Art. 10 DSG and thus release from consulting the FDPIC when carrying out data protection impact assessments.
- Advice and support for the legally compliant and pragmatic implementation of data protection
- Development and updating of specifications and instructions
- Project support in the design or testing of technical and organizational measures
- Establishment and management of the internal processing directory as well as the drafting and negotiation of agreements relevant to data protection, e.g. with internal and external contract data processors
- Support in the processing of information and deletion requests and data protection violations
- Education and sensitization of employees through modern online training
- Carrying out annual audits including reporting with risk analysis
- Information about innovations in the area of data protection in Switzerland and worldwide
Data protection representation in Switzerland
So that you can concentrate on your core business, FACT AG, based in Zurich, takes on all the tasks of external data protection representation for your company. In this function, we are not only the central point of contact for the persons concerned in Switzerland and the data protection supervisory authority (FDPIC), but also advise you on questions relating to compliance with data protection regulations.
We are listed as the main contact in your data protection declaration. Inquiries by e-mail, post or telephone will be accepted, checked and forwarded to you, for example if a person requests information about their stored data (according to Art. 25 DSG).
Contact us for an offer and let the Swiss representation according to DSG be our concern.
Data Protection Representation
GDPR and EU GDPR
Interested? Do you still have unanswered questions? We look forward to hearing from you and will process the request as soon as possible.