Tel: 041 440 33 43
Tel / Text Signal: 041 440 33 43
Tel / Text Threema: 041 440 33 43
Videokonferenz: auf Anfrage
Anwaltspraktikum: »siehe hier«
MO-FR: 08:00 bis 17:00
SA: 09:00 bis 12:00 (Absprache)
Pikettdienst: »siehe hier«
»Karte in OpenStreetMap öffnen«
»Karte in Google Maps öffnen«
In order for your company's activities on the Internet to be successful, the legal basis must be right. In particular, your General Terms and Conditions (GTC) and the design of the ordering process of your homepage play an important role. When dealing with the data of your customers, the Data Protection Act must be observed and, if necessary, a data protection guideline drafted. If you are a hardware and software supplier or developer, it is worth paying attention to the design and contract negotiation. As a law firm for data protection and IT law, we provide you with professional support.
Another area is the protection of your infrastructure. On the one hand, Cybercriminals should not be able to disrupt or interrupt your business activity (Denial of Service, DoS or DDos) and in an emergency the core business should be secured and restored as quickly as possible (Business Continuity).
Information security includes technical, organisational and legal measures that ensure the confidentiality, availability and integrity of information. As a processor of personal data, you fulfil your legal obligations if the data you process is adequately protected. Not every type of data needs the same level of protection. The trick is to select and implement the right tools based on an analysis. The legal requirements must therefore be complied with as efficiently and cost-effectively as possible. In this context, there is a broad and exciting discourse on whether to follow a «best practice» or a «good practice» model.
As lawyers and experts for information security, we offer you a so-called pivotal function: Since we speak the technical and legal language, we can intermediate between technicians and lawyers. Likewise we can prepare technical facts for authorities and courts «consumer-fair». If you describe yourself as a technical layman, we will help you to understand the technicians. We can also give you an assessment as to whether the idea of the technical side is appropriate for you at all and whether you need the proposed solutions and measures at all. If you are well versed in technical matters but have uncertainties in dealing with lawyers, legal counsels, civil servants or management, we are at your disposal to make your ideas understandable.
Current information on this topic can be found at 143bis.ch, a Swiss platform for data protection, information security and cybercrime. You can find further information on our services in the area of cybercrime »here«.
The Data Protection Act stipulates how personal data must be processed. It is a cross-sectional law with an enormously broad scope of application. The daily handling of data therefore raises questions in a wide variety of legal areas, at various organisational levels and in a wide variety of business processes. In addition to the daily workload in the company, there are, for example, requests for information, questions about organisational and data protection regulations or the exchange of data between companies and outsourcing, even beyond national borders.
If you process personal data and organise, for example, major events (sports events such as city runs, tournaments, etc.), you cannot avoid dealing with the provisions of the Data Protection Act (DSG). However, since the Data Protection Act applies to any processing of personal data, the regulations also apply to private individuals and small and medium-sized enterprises (SMEs). This applies all the more if you publish or make available personal data on the Internet (homepages for celebrations, school classes, clubs, company websites, etc.).
By enacting the Data Protection Act, Parliament instructed the Federal Council to issue an ordinance laying down detailed implementation rules. The Federal Council has complied with this with the Data Protection Ordinance (VDSG). There are also a large number of regulations at the international level (e.g. the Datenschutz Grundverordnung (DSGVO) and the General Data Protection Regulation (GDPR)). In the Swiss context, the Data Protection Ordinance establishes a multitude of provisions in addition to the Data Protection Act, namely on the duty to provide information (Art. 8 DSG), on the duty to provide information (Art. 14 DSG) or specifically on data security (Art. 7 DSG as well as Art. 8 and 9 VDSG) to name but a few.
As lawyers for data protection and information security, we support you in all phases and at all levels: Be it in the context of contract negotiations, the drafting of contracts, regulations, concepts, risk management systems or the submission of applications. In particular, we support you in complying with the legal regulations of DSG, VSG or DSGVO etc.. In the event of a dispute, we represent you in proceedings before the courts, public prosecutors' offices or the cantonal data protection commissioner or the Federal Data Protection Commissioner (FDPIC).
To ensure that you comply with your legal obligations and that the processing of personal data or requests for information is carried out correctly, it makes sense to appoint a data protection officer. If this data protection officer is not employed by the company, this is referred to as an external data protection officer. The advantages are obvious: As an independent body, you receive an objective assessment of the situation. We provide you with the necessary know-how from a single source and you can concentrate on your business activities. If you are looking for an external data protection officer, please contact us.
We offer specialized services with LAYER 8. LAYER 8's lawyers and subject matter experts have relevant expertise in information technology and cybersecurity, IT and data protection law, forensics, and litigation. LAYER 8 also assists you in procurement and communications.
If you consider yourself a computer security or forensics specialist, we recommend you take a look at the Swiss Cyber Kill Chain: cyber-kill-chain.ch. A multilingual reference work based on the MITRE Att&ck framework.