{"id":1294,"date":"2018-03-09T08:35:34","date_gmt":"2018-03-09T08:35:34","guid":{"rendered":"http:\/\/www.internationalhrs.com\/?p=1294"},"modified":"2018-03-12T15:08:20","modified_gmt":"2018-03-12T15:08:20","slug":"data-protection-europe-new-obligations-companies","status":"publish","type":"post","link":"https:\/\/www.internationalhrs.com\/en\/data-protection-europe-new-obligations-companies\/","title":{"rendered":"Data protection in Europe: the new obligations of companies"},"content":{"rendered":"<p>The EU data protection regulation also applies to Swiss-based SMEs. As of 25 May 2018, they hence must comply with seven legal requirements to avoid having fines imposed upon them.<\/p>\n<p>Does your company use personal data of natural persons located in the EU? Does this data processing occur in connection with an offer of goods or services or with the aim to track the behavior of natural persons in the EU area? If this is the case, you are very likely to be affected by the new General Data Protection Regulation (GDPR) of the EU. Many Swiss SMEs are currently putting effort into bringing their activities, and in particular their websites, in line with the GDPR, which will enter into force on 25 May 2018.<\/p>\n<p>In order to determine whether a company falls within the scope of the GDPR, it is important to know whether the natural persons whose data are being processed are located in the EU and whether the company intends to reach people in the EU. Information to help SMEs find out if they are within the scope of this law can be found <a href=\"https:\/\/www.kmu.admin.ch\/kmu\/en\/home\/concrete-know-how\/organize-an-sme\/e-commerce\/data-protection.html\">here<\/a>.<br \/>\nAccording to Monique Cossali Sauvain, head of the Legislative Projects and Methodology Unit at the Federal Department of Justice, the size of the company and the type of data processed are not relevant to the application of the GDPR. &#8220;In practice, this rule is unlikely to apply to small shops like a bakery or a hairdressing salon: these shops do not offer goods or services to people in the EU, nor do they track their behavior. It may, however, apply to a small developer of a dating app, if it offers services to residents of the EU. &#8221;<\/p>\n<p>Companies that fall within the scope of the GDPR must fulfill seven central obligations.<\/p>\n<ol>\n<li><strong>Inform and obtain the consent of the data subject<\/strong><br \/>\nIf the legitimacy of data processing is based on the consent of the data subject, it must be given voluntarily and based on detailed, discernible and specific information. Consent must be given actively and explicitly. On the other hand, it does not require a specific form and can also be given orally. What is important is that the company can prove the consent. And it must always be possible to revoke it.<\/li>\n<li><strong>Ensure &#8220;privacy by design&#8221; and &#8220;privacy by default&#8221;<br \/>\n<\/strong>Already when planning data processing, the company must take technical and organizational measures to ensure compliance with the GDPR and to protect the data of the data subjects (privacy by design). In addition, it must ensure trough presets that by default only data is collected that is required for the respective purpose (privacy by default).<\/li>\n<li><strong>Appoint a representative in the EU<\/strong><br \/>\nThe obligation to appoint a representative in the EU is eliminated if data processing is done on an occasional basis, does not involve specific categories of data and entails almost no risk.<\/li>\n<li><strong>Prepare a list of processing activities<\/strong><br \/>\nThe company or its middlemen must provide an overview with information on the methods of data processing.<\/li>\n<li><strong>Report any data breaches to the regulatory authority<\/strong><br \/>\nThe company must provide rapid mechanisms to notify the data subjects and the relevant regulatory authorities in the event of a breach of data protection.<\/li>\n<li><strong>Perform a data protection impact assessment<\/strong><br \/>\nA type of data processing that carries a high risk of violating rights and freedoms must be subject to an impact assessment.<\/li>\n<li><strong>Pay penalties for violations of the GDPR<\/strong><br \/>\nThe fine that businesses have to pay in the event of a data protection breach can amount to up to 4% of the worldwide annual revenue in the past fiscal year.<\/li>\n<\/ol>\n<p>Good news for all companies that are now adapting to the EU Regulation: the revisions of internal procedures, directives, contracts and declarations of secrecy that they will have made in the end should also be in line with future Swiss requirements in this area. In January 2018, the National Council&#8217;s Political Institutions Committee called for a revision of data protection law in two stages. Companies that adapt to the GDPR will therefore be prepared for this revision. Given the context of an increasing digitization of businesses and their activities in the processing of personal data, such a reform is important for the protection of the rights of individuals.<\/p>\n<p><strong>For further details, please contact International HR Services Ltd.<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The EU data protection regulation also applies to Swiss-based SMEs. As of 25 May 2018, they hence must comply with seven legal requirements to avoid having fines imposed upon them. Does your company use personal data of natural persons located in the EU? Does this data processing occur in connection with an offer of goods [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[373,1],"tags":[362,363,359,364,360,365,361],"class_list":["post-1294","post","type-post","status-publish","format-standard","hentry","category-eu","category-uncategorized","tag-data-protection-obligations-for-companies","tag-data-protection-obligations-for-smes","tag-data-protection-requirements","tag-eu-data-security-regulations","tag-eu-general-data-protection-regulation","tag-eu-privacy-laws","tag-gdpr"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Data protection in Europe: the new obligations of companies - International HR Services<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.internationalhrs.com\/data-protection-europe-new-obligations-companies\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Data protection in Europe: the new obligations of companies - International HR Services\" \/>\n<meta property=\"og:description\" content=\"The EU data protection regulation also applies to Swiss-based SMEs. As of 25 May 2018, they hence must comply with seven legal requirements to avoid having fines imposed upon them. Does your company use personal data of natural persons located in the EU? Does this data processing occur in connection with an offer of goods [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.internationalhrs.com\/data-protection-europe-new-obligations-companies\/\" \/>\n<meta property=\"og:site_name\" content=\"International HR Services\" \/>\n<meta property=\"article:published_time\" content=\"2018-03-09T08:35:34+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-03-12T15:08:20+00:00\" \/>\n<meta name=\"author\" content=\"Dagmar Richardson\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Dagmar Richardson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.internationalhrs.com\\\/data-protection-europe-new-obligations-companies\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.internationalhrs.com\\\/data-protection-europe-new-obligations-companies\\\/\"},\"author\":{\"name\":\"Dagmar Richardson\",\"@id\":\"https:\\\/\\\/www.internationalhrs.com\\\/#\\\/schema\\\/person\\\/1450e283907d55ecd53174d3e4a7c9bc\"},\"headline\":\"Data protection in Europe: the new obligations of companies\",\"datePublished\":\"2018-03-09T08:35:34+00:00\",\"dateModified\":\"2018-03-12T15:08:20+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.internationalhrs.com\\\/data-protection-europe-new-obligations-companies\\\/\"},\"wordCount\":724,\"publisher\":{\"@id\":\"https:\\\/\\\/www.internationalhrs.com\\\/#organization\"},\"keywords\":[\"Data Protection Obligations for Companies\",\"Data Protection Obligations for SMEs\",\"Data Protection Requirements\",\"EU Data Security Regulations\",\"EU General Data Protection Regulation\",\"EU Privacy Laws\",\"GDPR\"],\"articleSection\":[\"EU\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.internationalhrs.com\\\/data-protection-europe-new-obligations-companies\\\/\",\"url\":\"https:\\\/\\\/www.internationalhrs.com\\\/data-protection-europe-new-obligations-companies\\\/\",\"name\":\"Data protection in Europe: the new obligations of companies - International HR Services\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.internationalhrs.com\\\/#website\"},\"datePublished\":\"2018-03-09T08:35:34+00:00\",\"dateModified\":\"2018-03-12T15:08:20+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.internationalhrs.com\\\/data-protection-europe-new-obligations-companies\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.internationalhrs.com\\\/data-protection-europe-new-obligations-companies\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.internationalhrs.com\\\/data-protection-europe-new-obligations-companies\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\\\/\\\/www.internationalhrs.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Data protection in Europe: the new obligations of companies\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.internationalhrs.com\\\/#website\",\"url\":\"https:\\\/\\\/www.internationalhrs.com\\\/\",\"name\":\"International HR Services\",\"description\":\"International Work Assignments\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.internationalhrs.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.internationalhrs.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.internationalhrs.com\\\/#organization\",\"name\":\"International HR Services\",\"url\":\"https:\\\/\\\/www.internationalhrs.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.internationalhrs.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"International HR Services\"},\"image\":{\"@id\":\"https:\\\/\\\/www.internationalhrs.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.internationalhrs.com\\\/#\\\/schema\\\/person\\\/1450e283907d55ecd53174d3e4a7c9bc\",\"name\":\"Dagmar Richardson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d9910f8d5346cc618a8b1ff3722e3775371151f10330a3abd74b2002d7c0c4f7?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d9910f8d5346cc618a8b1ff3722e3775371151f10330a3abd74b2002d7c0c4f7?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d9910f8d5346cc618a8b1ff3722e3775371151f10330a3abd74b2002d7c0c4f7?s=96&d=mm&r=g\",\"caption\":\"Dagmar Richardson\"},\"description\":\"Dagmar ist eine ausgewiesene Expertin und beliebte Rednerin bei Global Mobility Seminaren, sie hat auch bereits verschiedenste Artikel zu diesem Thema publiziert. Kunden sch\u00e4tzen ihre pragmatische Art Auslandeins\u00e4tze und Entsendungen zu unterst\u00fctzen sowie ihre Hinweise auf Risiken. Ihr Knowhow bei Inbound und Outbound ist profund und basiert auf viel Erfahrung, sie hat die St\u00e4rke die Themen Bewilligungen \\\/ Sozialversicherungen \\\/ Steuern aufeinander optimal abzustimmen.\",\"url\":\"https:\\\/\\\/www.internationalhrs.com\\\/en\\\/author\\\/dagmar-richardson\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Data protection in Europe: the new obligations of companies - International HR Services","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.internationalhrs.com\/data-protection-europe-new-obligations-companies\/","og_locale":"en_US","og_type":"article","og_title":"Data protection in Europe: the new obligations of companies - International HR Services","og_description":"The EU data protection regulation also applies to Swiss-based SMEs. As of 25 May 2018, they hence must comply with seven legal requirements to avoid having fines imposed upon them. Does your company use personal data of natural persons located in the EU? Does this data processing occur in connection with an offer of goods [&hellip;]","og_url":"https:\/\/www.internationalhrs.com\/data-protection-europe-new-obligations-companies\/","og_site_name":"International HR Services","article_published_time":"2018-03-09T08:35:34+00:00","article_modified_time":"2018-03-12T15:08:20+00:00","author":"Dagmar Richardson","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Dagmar Richardson","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.internationalhrs.com\/data-protection-europe-new-obligations-companies\/#article","isPartOf":{"@id":"https:\/\/www.internationalhrs.com\/data-protection-europe-new-obligations-companies\/"},"author":{"name":"Dagmar Richardson","@id":"https:\/\/www.internationalhrs.com\/#\/schema\/person\/1450e283907d55ecd53174d3e4a7c9bc"},"headline":"Data protection in Europe: the new obligations of companies","datePublished":"2018-03-09T08:35:34+00:00","dateModified":"2018-03-12T15:08:20+00:00","mainEntityOfPage":{"@id":"https:\/\/www.internationalhrs.com\/data-protection-europe-new-obligations-companies\/"},"wordCount":724,"publisher":{"@id":"https:\/\/www.internationalhrs.com\/#organization"},"keywords":["Data Protection Obligations for Companies","Data Protection Obligations for SMEs","Data Protection Requirements","EU Data Security Regulations","EU General Data Protection Regulation","EU Privacy Laws","GDPR"],"articleSection":["EU"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.internationalhrs.com\/data-protection-europe-new-obligations-companies\/","url":"https:\/\/www.internationalhrs.com\/data-protection-europe-new-obligations-companies\/","name":"Data protection in Europe: the new obligations of companies - International HR Services","isPartOf":{"@id":"https:\/\/www.internationalhrs.com\/#website"},"datePublished":"2018-03-09T08:35:34+00:00","dateModified":"2018-03-12T15:08:20+00:00","breadcrumb":{"@id":"https:\/\/www.internationalhrs.com\/data-protection-europe-new-obligations-companies\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.internationalhrs.com\/data-protection-europe-new-obligations-companies\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.internationalhrs.com\/data-protection-europe-new-obligations-companies\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/www.internationalhrs.com\/en\/"},{"@type":"ListItem","position":2,"name":"Data protection in Europe: the new obligations of companies"}]},{"@type":"WebSite","@id":"https:\/\/www.internationalhrs.com\/#website","url":"https:\/\/www.internationalhrs.com\/","name":"International HR Services","description":"International Work Assignments","publisher":{"@id":"https:\/\/www.internationalhrs.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.internationalhrs.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.internationalhrs.com\/#organization","name":"International HR Services","url":"https:\/\/www.internationalhrs.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.internationalhrs.com\/#\/schema\/logo\/image\/","url":"","contentUrl":"","caption":"International HR Services"},"image":{"@id":"https:\/\/www.internationalhrs.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.internationalhrs.com\/#\/schema\/person\/1450e283907d55ecd53174d3e4a7c9bc","name":"Dagmar Richardson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d9910f8d5346cc618a8b1ff3722e3775371151f10330a3abd74b2002d7c0c4f7?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d9910f8d5346cc618a8b1ff3722e3775371151f10330a3abd74b2002d7c0c4f7?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d9910f8d5346cc618a8b1ff3722e3775371151f10330a3abd74b2002d7c0c4f7?s=96&d=mm&r=g","caption":"Dagmar Richardson"},"description":"Dagmar ist eine ausgewiesene Expertin und beliebte Rednerin bei Global Mobility Seminaren, sie hat auch bereits verschiedenste Artikel zu diesem Thema publiziert. Kunden sch\u00e4tzen ihre pragmatische Art Auslandeins\u00e4tze und Entsendungen zu unterst\u00fctzen sowie ihre Hinweise auf Risiken. Ihr Knowhow bei Inbound und Outbound ist profund und basiert auf viel Erfahrung, sie hat die St\u00e4rke die Themen Bewilligungen \/ Sozialversicherungen \/ Steuern aufeinander optimal abzustimmen.","url":"https:\/\/www.internationalhrs.com\/en\/author\/dagmar-richardson\/"}]}},"_links":{"self":[{"href":"https:\/\/www.internationalhrs.com\/en\/wp-json\/wp\/v2\/posts\/1294","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.internationalhrs.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.internationalhrs.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.internationalhrs.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.internationalhrs.com\/en\/wp-json\/wp\/v2\/comments?post=1294"}],"version-history":[{"count":5,"href":"https:\/\/www.internationalhrs.com\/en\/wp-json\/wp\/v2\/posts\/1294\/revisions"}],"predecessor-version":[{"id":1309,"href":"https:\/\/www.internationalhrs.com\/en\/wp-json\/wp\/v2\/posts\/1294\/revisions\/1309"}],"wp:attachment":[{"href":"https:\/\/www.internationalhrs.com\/en\/wp-json\/wp\/v2\/media?parent=1294"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.internationalhrs.com\/en\/wp-json\/wp\/v2\/categories?post=1294"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.internationalhrs.com\/en\/wp-json\/wp\/v2\/tags?post=1294"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}