Skip to main content

EasyLPD
The easy  solution for the compliance with the FADP Data Protection Act in Switzerland.

Learn More
I nostri servizi

With EasyLPD, comply with the DPA Data Protection Law becomes easy and intuitive, with a solution that allows your company to process personal data in full compliance with current regulations.

Being compliant with FADP has never been so easy

Learn How

EasyLPD Web App

With our EasyLPD Web App it is possible to follow the stages of the company's compliance with the FADP in a clear and fast way, allowing all aspects of the compliance activity to be kept under control: from the definition of tasks to deadlines, through the assignment of responsibilities and document management. EasyLPD Web App, therefore, not only simplifies project management, but it also ensures greater transparency and traceability of the carried out activities.

Tailored solutions

EasyLPD offers companies a comprehensive solution to comply with the Federal Data Protection Act (FADP) in Switzerland. With our support, you will be able to fulfill all statutory requirements quickly and easily, saving valuable time and resources.

Privacy By Design

EasyLPD provides the opportunity for companies to design technology solutions and business processes while respecting privacy principles from the development stage. In this way, companies can reduce the risk of data breaches, improve the quality of their services, and maintain the trust of their customers.

Data Protection and Privacy Experts Advice
  • Lawyers
  • Compliance Experts
  • IT Specialists
  • Cyber Security Professionals

Our services

01. Assessment & Gap Analysis

With our Privacy Assessment service, we assess the company's compliance with the Swiss FADP, identifying any gaps and suggesting solutions to correct them. During the assessment, the company's entire technological infrastructure, data management processes, internal policies and procedures, and staff training and awareness activities are audited. Based on the results, a gap analysis is prepared, highlighting any inconsistencies between the organization's current practices and the requirements of the Swiss FADP.

02. FADP Data Protection Law Compliance

We take care of the drafting of the documents required by the regulations and the management of all the fulfillments required by the FADP (privacy policy, disclosures to data subjects, appointments of the roles required by law, keeping the Register of Data Processing Activities, adjusting contracts with third parties, etc.), while also providing support in their implementation and periodic review to ensure ongoing compliance with the Federal ACT on Data Protection.

03. Creating Business Processes

We support companies in developing and implementing effective processes for personal data management by identifying specific requirements and creating a customized framework for personal data management in accordance with the FADP, creating procedures, for example, for the collection, storage, retention, disposal and communication of personal data, and training staff on the importance of personal data protection and the proper application of business processes.

04. Data Protection Officer - DPO

We take on the mandate as a Data Protection Advisor under Article 10 of the FADP, with the purpose of supporting the company in the management of personal data in accordance with the provisions of the law, and acting as a representative between the data subjects and the company itself, as well as between the company and the data protection supervisory authority, providing support in case of data breach or audits by the authorities, and likewise, enhancing the reliability and reputation of the company.

05. Data Protection Representative in Switzerland

We recruit mandates as Data Protection representatives in Switzerland in order to support companies that are not based in Switzerland but process the personal data of Swiss citizens, as mandatorily required by the FADP if the processing is related to an offer of goods or services or aimed at placing the behavior of data subjects under observation, is carried out on a large scale and periodic basis, and involves a high risk to the personality of the data subjects. The representative serves as an interlocutor between the company, the data subjects and the supervisory authority.

06. Data Breach Management

The data breach management service is designed to support companies in handling cases of personal data security breaches, and involves the timely identification of the data breach, assessment of the risk to the affected data owners, definition of the corrective actions necessary to prevent recurrence, and notification of the incident to the relevant authorities. The service may also include forensic analysis to determine the nature and extent of the incident, managing communications to the affected data owners, and defining the necessary measures to further protect personal data. Data breach management under the FADP helps organizations minimize the damage resulting from a data breach, protect the rights of data owners, and comply with legal obligations under the FADP.

07. Data Protection & Privacy Training

Our training service includes designing a training course tailored to the company's needs, preparing and conducting internal or external training sessions, creating teaching materials, and establishing a system for monitoring and evaluating results. Training on the processing of personal data under the FADP helps companies ensure that staff involved in the processing of personal data are aware of data protection regulations at home and abroad, the risks associated with the processing of personal data, and the measures required to ensure the security of personal data, so as to improve the privacy culture within the company, reduce the risk of breaches, and improve the quality of services offered to clients.

08. DPIA

In Switzerland, DPIA (Data Protection Impact Assessment) is required by the FADP for certain types of personal data processing, such as those that may pose high risks to the privacy of data subjects, large-scale processing of personal data worthy of special protection, and systematic surveillance of large public spaces. The DPIA service involves analyzing all aspects of personal data processing in order to identify possible privacy and data security risks. The risk assessment helps identify appropriate technical and organizational security measures to mitigate these risks,

09. Cyber Security

In Switzerland, the FADP requires companies to develop appropriate technical and organizational measures to protect personal data, particularly from unauthorized access, modification, disclosure, or accidental or unlawful destruction. In addition, the FADP provides penalties for personal data breaches, which can be avoided through careful management of cyber security. Our cyber security service provides a comprehensive assessment of the organization's IT systems and infrastructure in order to identify any vulnerabilities, and develop action plans to improve security. This includes analysis of security procedures, implementation of security policies, data protection, risk management, employee training, and assessment of regulatory compliance.

Who we are

Our Team

The EasyLPD team consists of a group of professionals specializing in the field of data protection and privacy. We are lawyers, compliance experts, software engineers, and cyber security experts.

"Privacy is not just a matter of laws and regulations; it is an act of respect for individuals and their dignity."

Partners

Thomas Contin

Managing Partner of EasyLPD.

CEO of Advisorn GmbH.

President and board member of several foundations.

Lawyer. He has been active for over 15 years in the field of privacy and data protection, as well as in intellectual property, IT, Fintech, RegTech, InsurTech and business law.

He speaks Italian, English and German.

Partners

Ramona Gallo

EasyLPD Partners.

Owner of the Gallo Law Firm.

Registered with the Canton of Ticino Bar Association.

She has been active for more than 10 years in the field of privacy and data protection, as well as in commercial law, cross-border law and international law.

He speaks Italian, French and English.

Our Partners

Privacy & Data Protection

Privacy & Data Protection

Privacy & Data Protection

Privacy & Data Protection

Privacy & Data Protection

Personal Data Processing

Personal Data Processing

Personal Data Processing

Personal Data Processing

Personal Data Processing

FADP Data Protection Law

Frequently asked questions

1. When will the new FADP Data Protection Law come into effect?

The new FADP will come into effect in Switzerland on September 1, 2023.

2. To whom does the new FADP apply and what is the matter of the protection?

The new FADP applies to all companies and federal agencies that process personal data in Switzerland, regardless of their registered office. The law covers the protection of personal data, that is, information about identified or identifiable natural persons, such as first name, last name, e-mail address, geolocation data, and other sensitive information. The law aims to ensure that the processing of personal data is done in a legal, fair and transparent manner, preventing any abuse, discrimination or violation of privacy. The new FADP also includes new provisions for the protection of sensitive data, such as those related to health or sexual orientation, and introduces specific obligations for data processing by foreign companies.

3. What exactly does the new FADP regulate?

The new Swiss Federal Act on Data Protection regulates the protection of personal data, defines the rights of data owners, stipulates obligations for companies and federal agencies that process personal data, and establishes penalties for violations.

4. What are the penalties under the new FADP for failure to comply with it?

The penalties under the new FADP are criminal in nature and provide for fines of up to CHF 250,000 against the individual responsible for the violation.

5. What fulfillments does the new FADP provide for?

The new FADP stipulates that companies and federal agencies that process personal data must take appropriate technical and organizational measures to ensure data protection, designate a data protection officer where appropriate, and inform data owners how the data will be processed.

6. What are the main changes introduced by the new FADP?

The new FADP has broadened the definition of "personal data," introduced new rights for data owners, such as the right to be forgotten and the right to data portability, and provided stricter penalties for violations of the law.

7. What are the rights of data owners under the new FADP?

Data owners have the right to access their data, to request its correction or deletion, to object to its processing, and to request data portability.

8. What are the rules on the protection of sensitive personal data under the new FADP?

The new FADP provides special protection for sensitive personal data, such as those related to health, sexual orientation, political or religious beliefs, and imposes specific restrictions on their processing.

9. What are the rules on data breach notification under the new FADP?

Companies that experience a personal data breach must notify the supervisory authority and affected data owners within 72 hours of discovering the breach.

10. How can the owner enforce his or her rights under the new FADP?

To enforce his or her rights under the new FADP, the data owner can contact the company or federal agency processing his or her personal data and request access, correction or deletion, objection to processing, or data portability. If there is no response or an unsatisfactory response, the owner may contact the data protection supervisory authority to file a complaint. The supervisory authority will investigate the complaint and may initiate action to enforce the holder's rights. In addition, the new FADP provides that data controllers can also enforce their rights in court, for example, to obtain compensation for the harm suffered.

EasyLPD. Data Protection Compliance Made Easy.

Where We Are

Via Valdani 2
6830 Chiasso

Contact

+41 (0)91 2615093

contact@easylpd.ch

Start Now

EasyLPD is a trademark of Advisorn GmbH

©  2025 EasyLPD - Advisorn GmbH. All Rights Reserved.
Terms | Privacy Notice | Cookie Policy