EU-GDPR: Are you ready?

This post is also available in: French German

Stricter EU data protection rules adopted

  • On May 2016, the General Data Protection Regulation (GDPR) entered into force. This new regulatory framework harmonises data protection laws across the 28 European Union (EU) member states and replaces the former EU Data
    Protection Directive.
  • The GDPR will be apply directly by May 2018. There are many new and significantly enhanced requirements that need action before the deadline.
  • As a multi-disciplinary practice, we are uniquely placed to help our
    clients adjust to the new environment. Our Data Protection team
    comprises lawyers, consultants, auditors, risk specialists, forensics
    experts and strategists. Our team is truly global and has on-the-ground
    expertise in all the major EU economies.

Are Swiss companies impacted?

  • The GDPR is much wider in its scope than the previous EU Data
    Protection Directive and that means that the new law applies directly
    to more organisations. Any organisations that are active in Europe
    will need to comply with the GDPR. This includes those organisations
    with no business facilities in the EU but that are targeting goods
    and services at people in the EU or are monitoring people there. For
    example, a Swiss retailer that has no business facilities in the EU but
    directs the markets products to customers based in the EU will need to
    comply with the

Are you ready? Take our GDPR Readiness Assessment

Read more…

Published by

Nicolas Vernaz

Nicolas Vernaz

Nicolas Vernaz
Senior Manager Cybersecurity Data Protection and Regulatory Compliance
Avenue Giuseppe-Motta 50
1211 Genève 2
+41 58 792 95 71

Nicolas is a senior manager in the cybersecurity team at PwC Digital Services in Switzerland, leading the data protection and regulatory compliance work. He has over 15 years of experience in IT, cybersecurity and management in rapidly growing and complex environments, and is known for being a spokesperson for and spending several years on the committee of the CLUSIS. Nicolas has delivered several international projects and had assignments in many countries. Prior to joining PwC, he led an international oil and gas company group infrastructure, and headed up security for 12 years (CISO and infrastructure global leader). He acquired competencies in regulation compliance (SOX-Finma-EU GDPR), the management of security projects, programmes and teams, information security risk assessment, information security policy, and roadmap and governance definition. Nicolas is a specialist in data governance, has developed a data governance assessment framework, and is actively working in data classification and protection projects.