BackupData security begins with a reliable backupLearn more
Firewall & NetworkFirewall and network management for secure sites Learn more
Password ManagerManage passwords securely and easilyLearn more
Secure E-mailSign and encrypt emailsLearn more
E-mail ArchivingArchive e-mails in a legally compliant mannerLearn more
openDeskCollaboration suite for public administrations and SMEsLearn more
TelephonyInternet telephony made easyLearn moreOpen Circle AG – Zurich
Freilagerstrasse 32
8047 Zürich
Open Circle AG – Bern
Lagerhausweg 30
3018 Bern
Identity & Access
Secure identities and controlled access
Learn more
Firewall & Network
Firewall and network management for secure sites
Learn more
Password Manager
Manage passwords securely and easily
Learn more
Secure E-mail
Sign and encrypt emails
Learn more
E-mail Archiving
Archive e-mails in a legally compliant manner
Learn more
This is because companies not established in the EU must, if their data processing is related, i.e.
a) offer goods or services to data subjects in the EU against payment or free of charge
or
(b) monitoring the behavior of data subjects (“tracking” or “profiling”), to the extent that this is done in the EU
mandatorily appoint a representative in the EU in writing.
The representative in the EU shall be instructed to serve as a point of contact in particular for supervisory authorities and data subjects for all questions in connection with the processing to ensure compliance with the GDPR.
| ? | Is your company established in Switzerland (and not in the EU)? |
| → | Yes – to the next question: |
| ? | Is the data processing related to offering goods or services to data subjects in the EU against payment or free of charge? |
| → | No – to the next question: |
| → | Yes – to the last question: |
| ? | Is the data processing related to monitoring the behavior of data subjects insofar as their behavior takes place in the EU? |
| → | Yes – to the last question: |
| ? | Is the data processing occasional or does not involve large-scale processing of special categories of data and is not likely to result in a risk to the rights and freedoms of natural persons, taking into account the nature, circumstances, scope and purposes of the processing? |
| → | No, designate representative in writing |
The principle from Art. 27 GDPR on this is: a natural or legal person established in the EU who has been appointed in writing by the controller or processor and represents the controller or processor in relation to the obligations incumbent on them respectively under this Regulation.
Only public authorities and public bodies and only the occasional processing of personal data are exempt from having to appoint an EU Data Protection Officer.
The word “occasional” offers a lot of leeway in this context. Companies that want to be on the safe side define a representative.
Companies that are subject to the GDPR are committed to taking action. To implement the GDPR, various tasks must be clarified, assigned and completed by May 25, 2018. Because those who do not comply with the new regulation risk heavy fines. Get a step-by-step guide to implementing the GDPR in your company free of charge in this whitepaper (only available in German).
