Data protection – we take care of it for you!

Would you like to deal with the complex issue of data protection as little as possible, not build up any technical expertise in the organization and still fully comply with the legal provisions of the Swiss Data Protection Act (DSG) and the European General Data Protection Regulation (GDPR)?

No problem. We take care of that for you and your company can concentrate on its core business.

External Data Protection Consultant and Direct Contact Person

It is not easy to keep track of the complex data protection regulations and to know the answers to the most diverse data protection questions. We have our data protection experts for this, who can optimally support you with their many years of experience from projects that have already been implemented.

As external data protection consultants or data protection officers, we take care of the data protection tasks and ensure tailored data protection solutions and their legally compliant implementation (DSG and/or EU-DSGVO) in your organization. This includes the implementation of the necessary technical and organizational measures, the training of employees (online training or on site). Furthermore, we are the central contact for the data controllers, the management and inquiries from third parties.

The service packages at a glance:

CategoryTasks and activitiesBaseStandardPremium
Tasks and activitiesDirect contact person for all data protection enquiriesSuitable staff including deputies will be provided.
Tasks and activitiesReachability by e-mailResponse time max. 24 hours.
Tasks and activitiesAccessibility by letter postResponse time max. 24 hours after receipt of the letter.
Tasks and activitiesMention in privacy policy and imprintName of the employee and contact details such as address and e-mail.
Tasks and activitiesMention in the processing directoryFormulation of data processing in accordance with the DSG and DSGVO to the aforementioned extent.
Tasks and activitiesChecking and forwarding enquiriesExchange with the person responsible for data protection in the company and/or management.
Tasks and activitiesCheck privacy policy and imprint on the websiteConsideration of the legal adjustments DSG and DSGVO for risk reduction (without online shop). 1 x per year 1 x per year 1 x per year
Tasks and activitiesStatus report to management and responsible persons in the companyExchange with management on legal innovations, risks and requirements. 1 x per year 2 x per year 2 x per year
Tasks and activitiesAccess to online trainingOnline trainings are offered on a time and material basis.
Tasks and activitiesInformation requirementsAll data subjects must be informed in detail about the planned data collection and processing.
Tasks and activitiesKeep a processing registerDetailed information on the individual data processing operations in the company. We keep the processing directory and the exact wording. up to 10 processings per year up to 20 processings per year
Tasks and activitiesData protection impact assessmentAdvice, support and monitoring for correct implementation, consultation with the data protection authority if necessary.
Tasks and activitiesOrder processing: contract review and controlAssessment and effort estimation of the contract. 1 Agent per month 2 Agent per month
Tasks and activitiesDraft retention and deletion conceptEnables the correct storage and deletion of personal data.
Tasks and activitiesDraft emergency concept in the event of a data breachEnables quick assessment of the data protection breach and what to do.
Tasks and activitiesDraft data protection conceptExpected by customers and authorities.
Tasks and activitiesEntwurf Richtlinie BerechtigungsvergabeAuthorisation concept is necessary for the correct implementation of the requirements.
Tasks and activitiesDraft policy on the allocation of authorisationsRequirements and specifications to be met by the service provider.
Tasks and activitiesEntwurf Richtlinie BetroffenenrechteThe persons concerned have various rights which they can assert.
Tasks and activitiesDraft Data Protection Rights DirectiveDefinition of risks in data processing.
Tasks and activitiesDraft Guideline and Handbook on Data ProtectionManagement describes the implementation of data protection in the strategy.
Tasks and activitiesProcess control Data protectionProcess description of data protection.
Tasks and activitiesConduct internal audits with reportPeriodic audits are the best protection against non-compliance with data protection regulations.
Tasks and activitiesHuman resources: various templates, fact sheets, checklists

We take over for you!

Interested? Do you still have questions about the service packages? We look forward to hearing from you and will process your enquiry as quickly as possible.

We take over for you!


Interested? Do you still have unanswered questions? We look forward to hearing from you and will process the request as soon as possible.

Data protection consultant and direct contact person

Fulfillment of the legal requirements for the activities of a DPO in accordance with Art. 10 DSG and thus release from consulting the FDPIC when carrying out data protection impact assessments.

  • Advice and support for the legally compliant and pragmatic implementation of data protection
  • Development and updating of specifications and instructions
  • Project support in the design or testing of technical and organizational measures
  • Establishment and management of the internal processing directory as well as the drafting and negotiation of agreements relevant to data protection, e.g. with internal and external contract data processors
  • Support in the processing of information and deletion requests and data protection violations
  • Education and sensitization of employees through modern online training
  • Carrying out annual audits including reporting with risk analysis
  • Information about innovations in the area of data protection in Switzerland and worldwide

Data protection representation in Switzerland

So that you can concentrate on your core business, FACT AG, based in Zurich, takes on all the tasks of external data protection representation for your company. In this function, we are not only the central point of contact for the persons concerned in Switzerland and the data protection supervisory authority (FDPIC), but also advise you on questions relating to compliance with data protection regulations.

We are listed as the main contact in your data protection declaration. Inquiries by e-mail, post or telephone will be accepted, checked and forwarded to you, for example if a person requests information about their stored data (according to Art. 25 DSG).

Contact us for an offer and let the Swiss representation according to DSG be our concern.

Data Protection Representation


Interested? Do you still have unanswered questions? We look forward to hearing from you and will process the request as soon as possible.