Beginning today (April 12, 2017), U.S. companies can initiate the certification process under the Swiss‑U.S. Privacy Shield with the DOC.
The Privacy Shield (see our Overview and our previous contributions on the subject) replaces the Safe Harbor Agreement, which was deemed invalid by the ECJ in the “Schrems” ruling, as the basis for transferring personal data to the USA. The USA is otherwise considered to have an inadequate level of data protection.
Certification under the EU-US Privacy Shield has been possible since August 1, 2016. However, U.S. companies that are only certified under the EU‑U.S. Privacy Shield do not provide sufficient protection from a Swiss perspective. As a basis for the transfer of personal data from Switzerland to the U.S., a separate certification under the Swiss‑U.S. Privacy Shield is required. Further information can be found at here.