The countdown is on: one year to get ready for the EU General Data Protection Regulation GDPR

This post is also available in: German

On 25 May 2016 the EU General Data Protection Regulation (GDPR) entered into force. After the elapse of the 2-year transposition period, it will become directly applicable on 25 May 2018.

The new EU data protection legislation introduces substantial changes for companies dealing with personal data: As a selection, the new requirements on transparency, on proportionality as well as on documentation when processing personal data are among the key changes. These are significant challenges for companies. In addition, the new legislation substantially improves the rights of the concerned individuals – the data subjects. Thanks to the GDPR, they now have clear-cut rights with regard to companies processing their data. Inter alia the key rights include the right on information, on rectification and deletion of personal data, on restriction of processing, on portability as well as the right to object processing. As data controllers, companies have to be able to comply with all these rights.

Besides new duties and compliance obligations for companies, data protection authorities are given new competences and enforcement instruments. Standing out are the new sanctions of up to the amount of EUR 20m or 4% of the international annual turnover of the concerned company, whichever is higher.

Recommendation

Swiss companies that (e.g. because they do business in the EU) are subject to the GDPR now have one year to make the necessary adaptions to comply with the GDPR. The new requirements are to be analyzed, gaps to be identified and mitigation actions to be planned and implemented. It is important to be prepared.

Contacts:

Susanne Hofmann
Legal Compliance Leader
+41 58 792 17 12
Email

Michael Adrian Meyer
Legal Services – Senior Manager
+41 58 792 51 31
Email

Reto Häni
Partner and Leader Cybersecurity
+41 58 792 75 12
Email

Idir Laurent Khiar
Legal Services – Assistant Manager
+41 58 792 17 51
Email

Published by

Susanne Hofmann-Hafner

Susanne Hofmann-Hafner

Susanne Hofmann-Hafner
PwC Zürich
Birchstrasse 160
Postfach, 8050 Zürich
+41 58 792 17 12

Susanne is the leader of the legal compliance practice in Switzerland. She specializes primarily in the design, implementation and assessment of compliance management systems, but also advises on all aspects of compliance related laws and regulations, which includes data protection, economic sanctions, anti-corruption / anti-bribery, competition law etc.

Before joining PwC, she was Chief Compliance Officer with the Swiss affiliate of a large international insurance group that included also the set up of a holistic compliance framework. Further, she gained experience as an Assistant State Attorney at the Public Attorney’s Office in Zurich.