As specialized privacy lawyers, we help you develop and review your business practices, systems, and contracts across all areas of your business to ensure compliance with applicable privacy & data protection laws and regulations and in implementing new or amended laws, such as the revised Swiss Data Protection Act, to minimize legal and business risks.
Our Services
Privacy statements
We assist you in creating or revising your privacy statements, whether for your website (including cookie policy) or for your customers, service providers, associates, or specifically for physicians, patients, etc.
Contracts and other documents
We draft and revise privacy provisions in contracts, disclaimers, policies, and instructions. We develop contract templates for various contractual relationships, such as data processing agreements, cloud services, data sharing agreements, joint controller agreements, and cross-border data transfer agreements, as well as other specific documents, for example, related to clinical trials.
Compliance assessments and data protection impact assessments
We assist you in reviewing your data processing operations for compliance with applicable laws, regulations and standards and conduct data protection impact assessments (DPIAs), data protection audits, and risk analyses. In case of legislative changes, such as the revision of the Swiss Data Protection Act, we help you take the necessary steps in good time to be prepared and comply with all new regulations as they enter into force.
Outsourcing
We support you in all data protection-relevant aspects in the evaluation of your service providers (performing vendor assessments and, if necessary, data transfer impact assessments) as well as in the development of data protection contract clauses and in negotiations.
Data Transfer Impact Assessments
We support you in conducting the necessary impact assessments for data transfers to data recipients in third countries, as required by the applicable regulations and the EU standard contractual clauses (which also apply in Switzerland). We provide you with questionnaires and tools for conducting and documenting such assessments and support you in evaluating the results and determining appropriate safeguards to protect personal data.
Data breach
We assist you in the event of a data breach, including cyberattacks, in identifying the risk, determining any notification obligations, and notifying data protection authorities and data subjects, as well as in defining and, if appropriate, implementing short-term and long-term remedial measures.
Notifications to the authorities
Where required, e.g., in the event of a data breach, we prepare and coordinate the required notifications to the authorities.
Legal and strategic privacy consulting
We offer expert legal and strategic advice in a variety of data protection-related areas such as
- Outsourcing
- Cross-border data sharing strategies
- Apps and global data management systems for associates, customers, including healthcare professionals, and service providers
- Use of AI and automated decision-making tools
- Access requests and other privacy rights and complaints
- Health information and research (clinical trials, ICFs, contracts with CROs and investigators, product complaints, pharmacovigilance)
- Direct marketing and communications
- Lawful use of surveillance tools, e.g., video cameras or GPS or monitoring of email and internet use
- Legal comparisons between the requirements of the GDPR, Swiss FADP and laws in other jurisdictions worldwide