GDPR, EU-DSGVO - The General Data Protection Regulation has had to be implemented since 25 May 2018.
EU data protection? Also an issue for Swiss HR?
Yes, definitely! The scope of the GDPR also affects Swiss companies if they offer products or services in the European Union and process the personal data of EU customers, for example via a web shop. Likewise, a Swiss company that analyses the behaviour of citizens in the EU - for example by evaluating website data - falls within the scope of the GDPR. Global corporations based in Switzerland that process data from their EU subsidiaries are also affected by the provisions.
What are the key points?
The basic concept of the GDPR is to introduce stricter rules when processing personal data and to provide natural persons with more comprehensive data protection.
The regulation is based on six key principles that define both the rights of data subjects and obligations for companies:
- Data minimisation: data collection must be limited to what is necessary.
- Purpose limitation: Data may only be processed for the specified and clearly defined purposes.
- Lawfulness: The data subject must consent to the processing and the processing must be transparent.
- Right to accuracy and erasure: Individuals have the right to have their data rectified or erased.
- Accountability and transparency: Companies must be able to demonstrate and document compliance with the GDPR, including the obligation to report data breaches.
- Integrity and confidentiality: Companies are obliged to ensure technical and organisational security measures are in place to protect personal data.
Violations can result in penalties of up to four per cent of annual global turnover or fines of up to 20 million euros. All the more reason to comply with the GDPR regulations.
Do you need support?
We are happy to support you, your company and your HR department in implementing the new EU General Data Protection Regulation. Our "GDPReady package" includes a comprehensive analysis workshop, a review of current compliance and the implementation of any necessary measures. We will also create a toolkit for you so that you have many different tools at hand to work in compliance with the GDPR.
We are happy to advise you at company level and specifically in HR.