General Data Protection Regulation (GDPR)
Adopted by the European Parliament in 2016, the General Data Protection Regulation (GDPR) came into effect on May 25th, 2018. The GDPR replaces the 1995 general directive on data protection and is enforced in the 28 member states of the EU.
But in some cases, the GDPR could also apply to Swiss-based companies, if they process data pertaining to EU residents.
Here are some examples where a Swiss-based company may be concerned:
- E-commerce site offering goods and services to EU residents
- Data processing takes place in a EU country
- A european subsidiary of a Swiss company processes data of its EU employees
GDPR compliance includes the following contraints:
- Right to be forgotten (Article 17)
- Data protection by design and by default (Article 25)
- Records of processing activities (Article 30)
- Security of processing (Article 32)
- Notification of a personal data breach to the supervisory authority (Article 33)
- Data protection impact assessment (Article 35)
Do not delay to become compliant!
«In a digital era, privacy must be a priority.» – Al Gore
Hacknet SA is Geneva based IT company created in March 2000 offering audit and consulting services in information systems security.
Case postale 74