With the recent enactment of the new Swiss Data Protection Act (Swiss DPA), which came into effect on September 1, 2023, HR departments in Switzerland are facing a shift in handling employee data. This updated legislation, aligning more closely with the EU’s GDPR, imposes stricter controls and heightened responsibilities on data processors and controllers, including those in HR roles. This article dissects the critical elements of the Swiss DPA, focusing on its impact on HR data privacy and protection practices, and provides actionable recommendations for HR professionals to comply with data privacy and protection standards.
Anna Levitina
As Artificial Intelligence (AI) cements its role as a cornerstone of innovation across various sectors, the legal frameworks governing its use are rapidly evolving. The landscape is abuzz with legislative developments, such as the proposed AI Act by the European Union and the Biden administration executive order on AI. As lawmakers and industry leaders shape new AI regulations and ethical guidelines, the complexity of AI-related contracts is on the rise. In this article, we’ll explore the key elements that your AI-related contracts should include to be as robust as they are compliant.
In the bustling streets of European cities, behind the screens of tech hubs in Berlin, Paris, and Stockholm, a new technological marvel is taking shape: Generative AI. As businesses across the continent explore the vast potential of this technology, understanding its legal implications is a must. What is special about Generative AI? What legal concerns does it bring? Let’s explore this transformative technology and its implications in the European landscape.
In the digital space, e-commerce platforms are leveraging personalised advertising to enhance customer experiences and boost sales. Retargeting, a form of personalised advertising, has become a game changer, enabling businesses to re-engage potential customers by displaying ads based on their previous online activities. While this approach can significantly uplift conversion rates, it also entails critical considerations regarding data protection and privacy compliance, notably in the light of the General Data Protection Regulation (GDPR).
The year 2023 has marked a significant uptick in GDPR fines, making it the year with the highest penalties for data protection violations. While the world is abuzz with high-profile GDPR fines against tech giants like Meta and Google, it’s crucial to understand that smaller companies are also under regulatory scrutiny.
In today’s evolving technological landscape, Artificial Intelligence (AI) stands out as a revolutionary force, reshaping industries and redefining the boundaries of what’s possible. For software companies, AI offers unprecedented opportunities for innovation. However, with these opportunities come intricate legal challenges that every software company must be prepared to navigate.
Within the world of open-source software, every line of code comes with its own set of rules. Whether you’re an innovative startup crafting the next big app or a seasoned enterprise integrating third-party solutions, understanding the nuances of open-source licenses is paramount. This article is here to help you understand the most popular licenses, their implications, and the practicalities that businesses often overlook. Navigate with confidence and chart a course to licensing clarity.
Email marketing is a powerful business tool for connecting with audiences, boosting brand awareness, and driving sales. However, it’s crucial to assess and handle personal data protection issues carefully when using this strategy.
In the dynamic landscape of cloud-based computing services, organisations have come to rely on the flexibility and scalability offered by various models, such as Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). However, alongside the advantages these services bring, negotiating contracts that accurately reflect the unique aspects of each model is crucial. This article delves into the differences between SaaS, PaaS, and IaaS, explores the challenges in contract negotiations, highlights essential contractual provisions, and provides practical tips to navigate these complexities effectively.
Revolutionary technologies such as the Internet of Things (IoT) and autonomous vehicles are reshaping industries worldwide. As these innovations advance, understanding and managing liability in contracts becomes paramount for all stakeholders involved. In this article, we provide practical tips to help businesses successfully navigate liability issues within IoT and autonomous vehicle commercial contracts.
In today’s digital age, software has become an integral part of our personal and professional lives. Whether you’re a software developer or a user, you must understand the legal framework governing your software’s use. One crucial legal document that protects both creators and users is the End-User License Agreement (EULA). In this article, we will delve into what EULA is, why you need one, and provide practical business insights into drafting an effective EULA.
Are you aware of the recent changes affecting Swiss data protection regulations? In this article, we explore the revised Swiss Federal Data Protection Act (revFADP), delve into the key changes and explain the main differences between the revFA and the GDPR. Mark your calendars, as the deadline for compliance is fast approaching, on September 1, 2023.
The General Data Protection Regulation (GDPR) is a comprehensive data protection regulation implemented in the European Union (EU) in May 2018. It aims to protect the personal data of EU citizens and residents and ensure that businesses and organisations are held accountable for the way they collect, process, and store this data. It sets out strict requirements for data protection and privacy, and failure to comply can result in significant fines and other penalties – up to €20 million, or up to 4% of the annual global turnover of the preceding fiscal year, whichever is higher – a valid reason to check your data processing practices.
The General Data Protection Regulation (GDPR) has been in place for several years, yet many businesses still struggle to understand whether they can process personal data. While the GDPR provides six lawful bases for data processing, there is a lack of understanding among businesses on which basis they can rely to process data. As a result, companies often add unnecessary consent requests to all their documents, which can cause confusion and frustration for their customers.
Data processing has become an integral part of business operations. With the increased use of cloud-based services and outsourcing, companies must understand the roles of data controllers and data processors and the legal agreement between them, known as a Data Processing Agreement (DPA).
Earlier in our Data Protection Series, we shared some tips on how to obtain valid consent in accordance with the General Data Protection Regulation (GDPR). Today, we want to explore cookies consent banners in light of the latest Report issued by Cookie Banner Taskforce.
Although the General Data Protection Regulation (GDPR) has been in place for over four years, some concepts and notions are still a topic of hot discussion and continue to confuse stakeholders. Earlier in our data protection series of articles, we addressed the European regulation of cross-border data transfers. In this article, we will shed some light on data controllers’ obligation to implement appropriate technical and organisational measures when processing personal data.
Although the General Data Protection Regulation (GDPR) has been in place for over four years, some concepts and notions are still a topic of hot discussion and continue to confuse stakeholders. Earlier in our data protection series of articles, we addressed the European regulation of cross-border data transfers. In this article, we will shed some light on data controllers’ obligation to implement appropriate technical and organisational measures when processing personal data.
Although the General Data Protection Regulation (GDPR) has been in place for over four years, some concepts and notions are still a topic of hot discussion and continue to confuse stakeholders. Earlier in our data protection series of articles, we addressed the European regulation of cross-border data transfers. In this article, we will shed some light on data controllers’ obligation to implement appropriate technical and organisational measures when processing personal data.
As the world recovers from COVID-19, international travel has picked up again causing airport havoc across the globe. However, some international transfers have continued without interruption –invisible, but significant flows. These are the cross-border personal data transfers that happen every day …
Shortly after Brexit, the UK Government re-evaluated its data protection regime and cross-border data processing. The Government concluded that the EU General Data Protection Regulation (EU-GDPR) was incompatible with the UK and represented an unreasonable administrative burden on businesses, particularly small businesses, including start-ups.
