Data / Technology / IP

Data Law and Privacy Protection

Tailored to Your Industry, Business Model, and Market Orientation

Challenges of data law and privacy protection are not one-size-fits-all. Every industry, business model, and market orientation has its own set of intricacies and demands when it comes to managing data and ensuring compliance with privacy and other regulations.

We advise our clients on all aspects of data law in the complex landscape of data privacy, data security, data usage, data protection and data regulations.

Our team of expert lawyers specializes in providing customized legal solutions that cater to the specific needs of your business. With a keen understanding of various industries and regulatory landscapes, we offer tailored advice and strategies to help you navigate the complexities of data law, data usage, data protection, and data security.

Whether you operate in finance, healthcare, technology, or any other sector, we are here to assist you. We offer extensive experience in data protection compliance and a thorough understanding of implementing and shaping data-driven business models. We draft and negotiate the necessary contracts with your (potential) partners both domestically and internationally, communicate and negotiate with the relevant authorities, examine and shape specialized legal requirements in interface areas, assist in assessing the legal feasibility of your data-based project, and identify and categorize regulatory risks. Depending on the industry, business model, and market orientation, we develop concrete legal solutions with you to address the various legal challenges in day-to-day operations on a risk-based approach. In line with our comprehensive offering, we provide holistic consulting concepts, offer standardized service packages where appropriate, and enhance them with our tailored expertise.

If your company falls victim to a cyber-attack, our Cyber Risk Response Team is available to assist you. If you are affected as a customer, we help you to enforce your damages resulting from a cyber risk incident as far as possible. Naturally, we also rely on the expertise of other non-legal specialists and can tap into our local and international network to access our partners in various industries and interface areas.

In compliance with Swiss data protection law (DSG), the EU General Data Protection Regulation (GDPR), the EU Data Act, the Information Security Act (ISG), and other relevant regulations (e.g. AI Act of the EU), we offer comprehensive legal support that protects your business, leverages the potential of data-driven business models, and enhances the trust of your customers.

Our compliance offering includes workshops for implementing the requirements of the Swiss Federal Act on Data Protection (FADP) as well as the EU General Data Protection Regulation (GDPR), Cyber Resilience, and the EU Data Act (machine data, cloud switching, etc.). Additionally, we offer various standard documents. We also provide our DPO service as data protection officer (Art. 10 FADP), as well as acting as Swiss representatives for foreign companies (Art 14 and 15 FADP). If you fall victim to a cyber-attack, we accompany you with our emergency concepts, available 24/7 if desired. To make your data protection visible externally, we issue data protection seals of approval in collaboration with one of our partner organizations. We are happy to provide further details in a personal conversation.

Legal

  • Advise on all other data law matters (e.g., asserting or defending against data subject rights, Privacy by Design and by Default, confidentiality protection and professional secrecy, banking secrecy, data regulation in digital markets, EU Data Act (machine data), Artificial Intelligence, Information Security Act (ISG), FADP, GDPR, etc.)
  • Advise on special laws including regulatory issues (e.g., in the banking, insurance, healthcare, advertising, and industrial sectors, critical infrastructures)
  • Drafting, negotiation, review, and enforcement of data license agreements
  • Drafting of other contract documents and confidentiality clauses (e.g., general terms and conditions, employment contracts, NDAs, license agreements, etc., including procurement law)
  • Consultation on outsourcing projects (SaaS, IaaS, PaaS) and data-driven business models (DaaS)
  • Legal assessment of data-driven business models (e.g., data sharing, data usage, Artificial Intelligence (AI), Confidential Computing)
  • Access to government data (Freedom of Information Act; FOIA)
  • Preparation of legal memoranda, assessments, and opinions
  • Data law due diligence in M&A transactions
  • Investigations and support for procedures related to legal reporting obligations to authorities (GDPR; FADP; reporting of cyber attacks to FINMA and BACS; supervisory notifications and other regulatory reporting procedures)
  • Legal support for Cyber Risk incidents

Compliance

  • Assistance with compliance with the Swiss FADP, the GDPR and Data Act
  • Conducting data protection workshops
  • Conducting Data Act workshop
  • Creation/review of data protection compliance processes (information process, correction process, deletion process)
  • Creation of data protection compliance documents (e.g., privacy policies, processing records, data protection instructions, guidelines, consent texts, etc.)
  • Conducting/supporting data protection impact assessments (e.g., use of Artificial Intelligence; blockchain, Confidential Computing, etc.)
  • DPO service (Art. 10 FADP) / Support for internal "DPOs"
  • Swiss representative for companies abroad (Art. 14, 15 FADP)
  • Employee training
  • Assistance in the event of a Cyber Risk incident (compliance and sanctions)
  • Risk assessments (chain analysis, KYC/AML)
  • Support for reporting obligations (FADP/ FINMA notification / Information Security Act (ISG), GDPR)
  • Data protection seals ePrivacy

Awards

  • Legal 500

    MME Legal | Tax | Compliance advises companies from the technology and telecoms sectors as well as banks and health care providers on a variety of TMT matters, including IP and data protection mandates. The team is well-versed in fintech, IT, gaming and distributed ledger technologies and assists with outsourcing, relocation and distribution projects as well as advising on contractual matters. Practice head Martin Eckert specialises in blockchain and software issues, while Michael Kunz acts on technology transfers and focuses on fintech mandates and the regulation of distributed ledger technologies.

    MME Legal | Tax | Compliance has a strong presence in the Swiss technology and telecoms field and advises clients on a whole host of data privacy and data protection issues. The team, headed by Martin Eckert, conducts data protection assessments, provides assistance in cases of cybercrime in the form of a cyber risk response team and issues data protection certificates to signify compliance with Swiss and European data protection laws.

    Practice head(s): Dr. Martin Eckert

    Other key lawyers: Michael Kunz

  • Who's Who Legal

    • Dr. Martin Eckert: Global Leader in Data Privacy & Protection, Information Technology, Telecoms & Media 2021.
    • Dr. Martin Eckert: National Leader in Data 2021.
    • Dr. Andreas Glarner: National Leader in Data 2021.

    WWL says: At MME Martin Eckert is 'top notch'. As former judge at the Swiss Federal Appeal Commission for Intellectual Property, he has a 'wealth of knowledge' and is respected in the field.

    Martin Eckert is widely regarded by sources as a leading light in data protection and an expert in complex projects. 

    WWL says: Andreas Glarner earns acclaim from respondents this year thanks to his exceptional expertise in blockchain and cryptocurrencies. 

  • BILANZ Top Law Firms in Switzerland: "Technology and Telecommunications Law"

    MME Legal | Tax | Compliance was named one of the best law firms in the legal field "Technology and Telecommunications Law" 2021 in Bilanz.