External Data Protection Officer (DPO)

As an external DPO, we take on all legally prescribed functions and support your company in all matters relating to data protection and data security in a pragmatic and targeted manner.

The external data protection consultant helps to ensure compliance with data protection in your company.

 

Relevant data protection provisions

In Switzerland, the Swiss Federal Act on Data Protection (DSG) and its Ordinance (DSV) apply.

The revised DPA entered into force on September 1, 2023. The current DPA can be found here. Further information can be found here.

The European General Data Protection Regulation (GDPR) is a European Union regulation that standardizes the rules for the processing of personal data by private companies and public bodies throughout Europe. It has been in force since May 25, 2018.

Data protection consultant according to GDPR

According to Article 37 GDPR, the controller and the processor shall in any case designate a data protection adviser if the processing is carried out by a public authority or body, with the exception of courts acting in their judicial capacity, the core activity of the controller or processor is to carry out processing operations which by their nature, scope and/or purposes require extensive, regular and systematic monitoring of data subjects, or the core activity of the controller or processor consists of the extensive processing of special categories of data or of personal data relating to criminal convictions and offenses.

Data protection advisor according to revised DSG

Art. 11 DSG

According to Article 11 of the revised DPA, private controllers may appoint a data protection advisor.

Private controllers may make use of the exemption under Article 23(4) if the following conditions are met:

  • The data protection advisor shall exercise his or her function in relation to the controller in a professionally independent manner and not bound by instructions.
  • He or she shall not carry out any activities that are incompatible with his or her duties as a data protection advisor.
  • He or she has the necessary specialist knowledge.
  • The controller shall publish the contact details of the data protection advisor and communicate them to the FDPIC.
    Your Advantages of an External Data Protection Consultant
    • Independent and neutral, not bound by instructions
    • Data protection supervised by a specialist
    • Conflicts of interest are avoided
    • Ensuring continuity
    • Reduced expenses
    • Efficiency through competence
    Primary Focus of Data Protection Advisory

    The data protection advisor is the point of contact for data subjects and for the authorities responsible for data protection in Switzerland. In particular, he or she has the following tasks:

    • Training and advice for the private controller on data protection issues;
    • Participation in the application of data protection regulations.

    Tasks of the data protection advisor can be

    • Check the processing of personal data within the company;
    • recommend corrective measures if it discovers that data protection regulations have been violated;
    • Preparation of data protection guidelines and declarations
    • Data mapping, preparation of the list of processing activities
    • Review and drafting of order processing contracts / joint controller agreements
    • Monitoring the transfer of personal data abroad (cross-border data protection compliance)
    • Establishing processes in response to requests from data subjects (e.g. information, correction, deletion processes)
    • Planning the behavior in the event of a data security breach
    • Advising and assisting with the implementation of data protection impact assessments
    • Implementing the principles of privacy by design and privacy by default
    • Developing and testing data security concepts
    • Developing and implementing deletion concepts
    • Communication with supervisory authorities
    • Establishing controls for compliance with data protection/data protection audits
    • Employee training
    Non-binding inquiry

    Current

    No Results Found

    The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

    Learn more
    Bruno Schnarwiler

    Konsulent Informationssicherheit

    Bruno Schnarwiler ist ein Experte in Wirtschaftsinformatik mit über 30 Jahren Erfahrung als Auditor, Projektmanager, Berater und Führungskraft. Mit Abschlüssen als Eidg. Dipl. Wirtschaftsinformatiker, CISA und ISO 27001 Lead Auditor verfügt er über Fachkenntnisse in Informationssicherheit, Krisen- und Risikomanagement sowie digitalen Archivierungslösungen. Er hatte Schlüsselrollen wie Leiter IT-Revision und Risikomanagement in einer Bank, Leiter Softwareentwicklung und Berater für Sicherheit. Diese Tätigkeiten gaben ihm umfassende Einblicke in Branchen und Prozesse. Er trägt zur Implementierung sicherer IT-Umgebungen, Optimierung interner Kontrollsysteme und Entwicklung nachhaltiger Lösungen bei, die moderne Anforderungen erfüllen.
    Edith Luginbühl

    Assistant

    Edith Luginbühl is a dedicated and experienced assistant with over 50 years of professional experience. Her professional career began with a commercial apprenticeship at a major bank and has taken her through various sectors, including the catering, hotel, car rental, travel agency and newspaper editorial offices. Her strengths include her friendly and professional manner, her reliability and her keen eye for detail.

    Alex Wild

    Student

    Alexander Wild began his law studies at the University of Zurich in 2019. Before and during his studies, he gained initial experience in the compliance department of a bank, worked as an IT supporter and in the legal department of an international pharmaceutical company. His activities included checking/compliance with bank instructions, sanctions, customer and country risk; assessment of general customer risk for the bank; wet ink support and support in the process optimisation of contract signings. Since 2022 he has been working as a paralegal at Balthasar Legal AG and LR | Rechtsanwälte. He is expected to complete his Master's degree in 2025.

    Sangmo Agontsang

    Paralegal

    Sangmo Agontsang completed her diploma in business administration at the Kaderschule Zürich in 2012. After graduating, she worked as a CEO assistant for Freitag lab ag and CBM Switzerland, among others. She also gained experience in the organisation of the Kaderschule Zürich and worked in the Intellectual Property department of Freitag lab ag. There she worked internationally with a team of lawyers to defend the company's rights. Since 2022 she has been working as a paralegal at Balthasar Legal AG.

     

    Markus Bruggmann

    MLaw Senior Adviser

    MLaw Markus Bruggmann completed his law degree at the University of Zurich in 2013 and has since worked for a bank, a commercial law firm and an insurance company, among others, where he specialised in advising, reviewing and drafting contracts in the areas of communications and technology law (data protection), taking into account liability and intellectual property law. His strengths include his analytical skills and broad experience.