FDPIC: Gui­de to the Swiss-US Pri­va­cy Shield

On August 22, 2017, the FDPIC A prac­ti­cal Swiss-US Pri­va­cy Shield Bro­chu­re published. The gui­de informs

• about the obli­ga­ti­ons of com­pa­nies cer­ti­fi­ed for the Pri­va­cy Shield and about the rights of data subjects;
• How to file a com­plaint against a Pri­va­cy Shield cer­ti­fi­ed com­pa­ny; and
• on the ombudsman’s office as a point of cont­act for com­plaints regar­ding the pro­ce­s­sing of per­so­nal data by US Authorities.

The back­ground is that the USA do not pro­vi­de a suf­fi­ci­ent level of data pro­tec­tion for per­so­nal data trans­fer­red from Switz­er­land to the USA trans­fer­red. The Pri­va­cy Shield crea­tes a legal frame­work for the trans­fer of per­so­nal data to par­ti­ci­pa­ting com­pa­nies in the USA. To this end, U.S. com­pa­nies must cer­ti­fy them­sel­ves with the U.S. Depart­ment of Com­mer­ce and under­ta­ke to com­ply with the data pro­tec­tion prin­ci­ples pro­vi­ded for in the Pri­va­cy Shield. The cer­ti­fi­ca­ti­on must be rene­wed annually.

The lists of U.S. com­pa­nies that are mem­bers of the Swiss-US Pri­va­cy Shield and tho­se that are no lon­ger mem­bers are available on the web­site of the U.S. Depart­ment of Com­mer­ce (www.privacyshield.gov/welcome).