Check legal and security relevant information of your homepage.
The General Data Protection Regulation (GDPR) regulates how personal data is handled in the EU. In strict terms, this only affects websites that also target EU visitors currently. However, with Switzerland currently updating its data protection legislation and expected the follow the EU example, all Swiss SMEs should ensure they have a sound grasp of the data protection requirements affecting their websites now. Non-compliance with GDPR can be assessed and usually implemented very quickly, particularly for websites that can be accessed globally.
Homepage Checker: What do we check on your homepage?
Encryption (https) Whether the encrypted https data transmission protocol (SSL certificate) is consistently used for data transmission.
Cookies/Tracking Whether and which data is collected from visitors on the homepage and whether you clearly indicate this (on the homepage) to obtain visitor consent (usually as a cookie pop-up or banner).
Imprint Whether the imprint obligation for Switzerland is fulfilled.
Online Shop We check whether the homepage offers an online shop as this increases the data protection requirements.
GDPR with Swisscom's HomepageTool
If you use Swisscom's HomepageTool, you can benefit from specific functions, templates and assistance to help you comply with the GDPR guidelines. Test it for two months for free and see for yourself!
The website is usually the first point of contact with a company. With MyWebsite, your website is in good hands – we can create your individual homepage with professional text and images in just a few weeks for a fixed price.
MyWebsite is a product by our subsidiary localsearch (Swisscom Directories AG)
Questions & answers on the most important aspects of GDPR
Which homepages are affected?
Every operator with a homepage that stores personal data is affected, which is often more common than we think. Personal data, such as names and e-mail or IP addresses, is usually stored when visitors from the EU visit your homepage. This data could be stored by your website for statistical analysis that runs in the background, for instance.
What do you need to do?
It is important to know, clearly identify and explicitly gain consent to where and how your homepage collects personal visitor information and how it is stored and used. Furthermore, the data must be made accessible and it must be possible to change or delete it at the request of the customer. Swisscom cannot provide you with legal advice or support in implementing the GDPR guidelines. If you need this, we recommend that you obtain legal advice from a specialist in data protection law through the Swiss Bar Association.
Do visitors have to ‘accept cookies’?
In principle, yes. Visitors should be able to decide which cookies (usually divided into ‘necessary’, ‘statistical’ and ‘advertising’ cookies) they want to accept. The necessary cookies are required to be able to display the homepage correctly. As a homepage operator, it is mandatory to be aware of the cookies used and request the consent of visitors in a pop-up or banner (opt-in).
Is a privacy statement really necessary?
Do I need to know what the data on my homepage is collected for?
Yes, it is obligatory! Contact forms, blogs, Google Analytics, widgets or third-party plug-ins are all elements that collect data. Tools such as Ghostery or Privacy Badger are useful for learning more about cookies and integrated services on your homepage.
Why is encryption important on your homepage?
As a matter of principle, personal data from your users and customers should be sent to and from your website using SSL encryption. Activating a permanent SSL encryption and only making your homepage available to users via HTTPS:// is therefore advisable. You can now access free SSL encryption providers, such as ‘Let's encrypt’. Find out more about the necessity and benefits of homepage encryption here.
Do I really need an imprint on my homepage?
Yes, there has been an imprint obligation in Switzerland under the Swiss Act on Unfair Competition (UWG) since 2012, which is completely separate from GDPR Add an imprint to your homepage if you have not done so already. If you need additional help creating an imprint, we recommend you use an online imprint generator. You can find more useful information in this article.
What is classed as personal data?
Personal data is “all information relating to an identified or identifiable person” (according to Swiss federal law). Examples of personal data:
First name, last name
Date of birth
Bank account details
General Data Protection Regulation (GDPR): what is it?
The moment you open a homepage, there it is again, the ‘Accept Cookies’ pop-up. Whilst it may have become something of a general irritant in our online lives, there’s good reason for it. The new General Data Protection Regulation (GDPR) came into force in the EU in May 2018. You can read about points to consider on this topic and how to ensure you meet the GDPR standard in the following article.