Data protection

We attach great im­por­tance to the legally compliant and re­spon­si­ble processing of personal data. Our central data governance unit monitors and manages data protection within Swisscom and works closely with all relevant business divisions and other staff units. It is extremely im­por­tant for us to support this unit by developing and expanding ap­pro­pri­ate technical systems.

In the year under review, we pressed ahead with the im­ple­men­ta­tion of the new Swiss Data Protection Act (DPA) by analysing the legal re­quire­ments and their implications. It is being carried out in a cross-organisational programme involving all relevant functions. In addition, new directives and in­for­ma­tion sheets were issued for specific types of data processing.

In 2021, we were also heavily involved in the de­vel­op­ment of privacy icons. These graphical rep­re­sen­ta­tions show data subjects quickly and easily which of his or her data is being processed and how. The icons are made available to the public through the Privacy Icons association and can be used free of charge by data processors. We are a member of the association and are rep­re­sented on the board.

Our Data Ethics Board reviewed several use cases in the year under review to check for compliance with data ethics principles. The data ethics framework has proven its worth and will be con­tin­ued next year (see ‘Business ethics’).