General Data Protection Regulation (GDPR): What is it?
The moment you open a website, there it is again, the "Accept Cookies” popup. Whilst it may have become something of a general irritant in our online lives, there’s good reason for it. The new General Data Protection Regulation (GDPR) came into force in the EU in May 2018. The following article explains everything you need to know.
Website cookies and other tracking technologies allow visitor data to be collected, saved and managed. The new General Data Protection Regulation governs the security and management of this personal data. It stipulates, for example, that visitors must give their consent to this processing.
Am I subject to the GDPR?
If your website or online shop is visited by customers from the EU, then you are also required to comply with the GDPR. This is because, if you process their personal data, such as their first name, last name, e-mail address and date of birth, the users have to be informed about this.
What do I need to do to avoid the pitfalls related to GDPR?
The following measures are recommended:
Do not acquire customers in the EU: If you sell services and products in the EU, you are subject to the GDPR. To get around this, you can, for example, confine your customer acquisition activities and product sales to the Swiss market.
Do not track the browsing behaviour of persons from the EU: In the specific case of website visitors from the EU, it is important that personal data is only tracked/collected with the explicit consent of the individuals concerned (the ‘data subjects’). We therefore recommend that you do not track visitors from the EU and refrain from behaviour-based advertising.
Do not use additional marketing in the EU: Do not send any newsletters or other communications to people in the EU. If you do not wish to refrain from this, you must obtain their express consent. Also offer them an easy way of unsubscribing from your distribution list.
Interested in finding out more about the GDPR & your own homepage? For more information, see FAQ – GDPR.
The Federal Government also recommends the "Data Protection Self-Assessment Tool". You can perform a self-test on your website at http://dsat.ch/.