GDPR, Kommunikation, PR-und Kommunikation;

The new Swiss Data Protection Act. How to implement it correctly and communicate it effectively.

By now, all Swiss companies should be aware of the ‘New Federal Act on Data Protection (nFADP)’. The new, stricter data protection law will be enacted in Switzerland on September 1, 2023.

Swiss companies should, therefore, review their data protection status as quickly as possible and ensure that comprehensive data protection requirements are implemented.

These include:

  • Reviewing privacy statements. It is essential to ensure that they contain sufficient information about the data controller, the purpose of the data processing, third-party recipients of the personal data, and possible transfers to third countries outside Switzerland.
  • Implementing the new right to data portability. This right may require technical measures to enable data subjects to receive their data in a commonly used file format when such data is processed by automated means and based on consent or in connection with a contract.
  • Establishing an internal procedure for reporting data privacy breaches. Data privacy violations should be promptly identified, handled, and, if necessary, documented. In addition, employees should be trained to respond to data privacy violations. Review contracts with data processors. For example, it should be ensured that these contracts explicitly guarantee the security of the personal data processed and include a procedure for dealing with data breaches.

Aside from the required regulatory steps associated with implementation, transparent communication on implementation and compliance plays an essential role in ensuring the continued trust of your target audiences and strengthening the corporate brand.

Internal communication

Good, transparent data privacy communication starts with training your employees. Regular training on data privacy should become an integral part of your internal communications. This helps employees to better understand and comply with the new data privacy regulations. This raises awareness of the importance of data privacy within the company.

Transparent communication channels

Create transparent information channels by ensuring your employees, customers and business partners know how or whom they can contact for any data protection or processing questions . It is advisable to include the contact details of the responsible person (telephone number, e-mail and contact person) on your website (for example, in the privacy policy). Good visibility of the opt-in/opt-out boxes in the online forms on your website should also be ensured.

External communication

Of course, public relations (PR) also plays a significant role. Use your website, social media or other communication channels, such as your newsletter, to communicate information about your privacy compliance. Communicate information about your privacy practices, efforts to secure personal data, and commitment to privacy.

In your business relationships with other companies that process personal data, please ensure they are also privacy compliant. Communicate your data protection and data security requirements and, if necessary, regulate them contractually.


Authors: & Rent a PR