Data / Technology / IP

Data Law and Privacy Protection

Tailored to Your Industry, Business Model, and Market Orientation

Challenges of data law and privacy protection are not one-size-fits-all. Every industry, business model, and market orientation has its own set of intricacies and demands when it comes to managing data and ensuring compliance with privacy and other regulations.

We advise our clients on all aspects of data law in the complex landscape of data privacy, data security, data usage, data protection and data regulations.

Our team of expert lawyers specializes in providing customized legal solutions that cater to the specific needs of your business. With a keen understanding of various industries and regulatory landscapes, we offer tailored advice and strategies to help you navigate the complexities of data law, data usage, data protection, and data security.

Whether you operate in finance, healthcare, technology, or any other sector, we are here to assist you. We offer extensive experience in data protection compliance and a thorough understanding of implementing and shaping data-driven business models. We draft and negotiate the necessary contracts with your (potential) partners both domestically and internationally, communicate and negotiate with the relevant authorities, examine and shape specialized legal requirements in interface areas, assist in assessing the legal feasibility of your data-based project, and identify and categorize regulatory risks. Depending on the industry, business model, and market orientation, we develop concrete legal solutions with you to address the various legal challenges in day-to-day operations on a risk-based approach. In line with our comprehensive offering, we provide holistic consulting concepts, offer standardized service packages where appropriate, and enhance them with our tailored expertise.

If your company falls victim to a cyber-attack, our Cyber Risk Response Team is available to assist you. If you are affected as a customer, we help you to enforce your damages resulting from a cyber risk incident as far as possible. Naturally, we also rely on the expertise of other non-legal specialists and can tap into our local and international network to access our partners in various industries and interface areas.

In compliance with Swiss data protection law (DSG), the EU General Data Protection Regulation (GDPR), the EU Data Act, the Information Security Act (ISG), and other relevant regulations (e.g. AI Act of the EU), we offer comprehensive legal support that protects your business, leverages the potential of data-driven business models, and enhances the trust of your customers.

Our compliance offering includes workshops for implementing the requirements of the Swiss Federal Act on Data Protection (FADP) as well as the EU General Data Protection Regulation (GDPR), Cyber Resilience, and the EU Data Act (machine data, cloud switching, etc.). Additionally, we offer various standard documents. We also provide our DPO service as data protection officer (Art. 10 FADP), as well as acting as Swiss representatives for foreign companies (Art 14 and 15 FADP). If you fall victim to a cyber-attack, we accompany you with our emergency concepts, available 24/7 if desired. To make your data protection visible externally, we issue data protection seals of approval in collaboration with one of our partner organizations. We are happy to provide further details in a personal conversation.


  • Advise on all other data law matters (e.g., asserting or defending against data subject rights, Privacy by Design and by Default, confidentiality protection and professional secrecy, banking secrecy, data regulation in digital markets, EU Data Act (machine data), Artificial Intelligence, Information Security Act (ISG), FADP, GDPR, etc.)
  • Advise on special laws including regulatory issues (e.g., in the banking, insurance, healthcare, advertising, and industrial sectors, critical infrastructures)
  • Drafting, negotiation, review, and enforcement of data license agreements
  • Drafting of other contract documents and confidentiality clauses (e.g., general terms and conditions, employment contracts, NDAs, license agreements, etc., including procurement law)
  • Consultation on outsourcing projects (SaaS, IaaS, PaaS) and data-driven business models (DaaS)
  • Legal assessment of data-driven business models (e.g., data sharing, data usage, Artificial Intelligence (AI), Confidential Computing)
  • Access to government data (Freedom of Information Act; FOIA)
  • Preparation of legal memoranda, assessments, and opinions
  • Data law due diligence in M&A transactions
  • Investigations and support for procedures related to legal reporting obligations to authorities (GDPR; FADP; reporting of cyber attacks to FINMA and BACS; supervisory notifications and other regulatory reporting procedures)
  • Legal support for Cyber Risk incidents


  • Assistance with compliance with the Swiss FADP, the GDPR and Data Act
  • Conducting data protection workshops
  • Conducting Data Act workshop
  • Creation/review of data protection compliance processes (information process, correction process, deletion process)
  • Creation of data protection compliance documents (e.g., privacy policies, processing records, data protection instructions, guidelines, consent texts, etc.)
  • Conducting/supporting data protection impact assessments (e.g., use of Artificial Intelligence; blockchain, Confidential Computing, etc.)
  • DPO service (Art. 10 FADP) / Support for internal "DPOs"
  • Swiss representative for companies abroad (Art. 14, 15 FADP)
  • Employee training
  • Assistance in the event of a Cyber Risk incident (compliance and sanctions)
  • Risk assessments (chain analysis, KYC/AML)
  • Support for reporting obligations (FADP/ FINMA notification / Information Security Act (ISG), GDPR)
  • Data protection seals ePrivacy