Self-certification under the Swiss-US Privacy Shield is starting on 12 April 2017

As of today, 12 April 2017, US organisations can self-certify under the Swiss-US Privacy Shield through the following website. The US Department of Commerce will publish and continually update the list of all certified US organisations.

Transfers of personal data from Switzerland to US organisations certified under the Swiss-US Privacy Shield is facilitated for the personal data covered by such certification compared to transfers to US organisations without such certification.

The certification under the Swiss-US Privacy Shield is similar to but separate from the certification under the EU-US Privacy Shield. Organisations can choose to certify under the EU-US Privacy Shield or under the Swiss-US Privacy Shield only or (preferably) under both. However, only if an organisation is certified under the Swiss-US Privacy Shield, transfers of personal data from Switzerland are facilitated. Certifications under the EU-US Privacy Shield are not sufficient to facilitate transfers of personal data from Switzerland.

The Swiss-US Privacy Shield replaces the former Safe Harbor Framework between Switzerland and the US. Organisations that have been certified under the former Safe Harbor Framework between Switzerland and the US and now wish to certify under the Swiss-US Privacy Shield must not only adapt their privacy policy to align with the new requirements but must also remove any references to the Safe Harbor Framework from their privacy policy.

For more information on the Swiss-US Privacy Shield, see our news as well as the website of the U.S. Department of Commerce on the Privacy Shield.