VISCHER Privacy Score.
Ready for the new Swiss Data Protection Act?
Compliant with the GDPR?
Find out with VPS!
Why VISCHER Privacy Score?
- For finding out and documenting your gaps in your data protection compliance
- For getting recommendations on how to improve your compliance
- For reporting to the management and the board (helps protecting them from personal fines)
Unlike the EU General Data Protection Regulation (GDPR), the revised Swiss Data Protection Act (DPA) imposes personal fines for various violations. Management and the board of directors are also subject to those fines if they fail to undertake the necessary steps to ensure or restore data protection compliance. This includes asking for regular reports and acting upon them. VPS can be used to obtain an overall picture of the compliance status.
VPS can also help the data protection office or outside advisor to identify the need for action at the company or department and to keep an overview – also in terms of data security.
If you already have external help for your own data protection compliance: Do the assessment in advance and send your advisor the report generated by VPS. This will help them to better and more quickly assess your situation and define the necessary steps, including the documents that need to be created for you. This will save you time and money.
Only three steps.
- Select assessment program and applicable law (Swiss DPA, GDPR or both)
- Provide your e-mail and other information (no registration necessary)
- Answer the questionnaire and submit it
We will then send you the VPS assessment with specific recommendations as a PDF free of charge. You will not receive any promotional calls or emails from us as a result of your participation.
The “Privacy Score” questionnaire covers approximately what would be discussed in an advisory session with an expert of 3-4 hours.
Do you want to run such assessments on your own computer and be able to adjust them later on? VPS is available from us also as an Excel tool for a small license fee (see below). Write to firstname.lastname@example.org.
PS. It may help you answer the questions more efficiently if you first try to obtain this list of documents, if you have them. We always ask our clients for these documents prior to a compliance assessment (even though many have none or almost none of the documents listed).
Your report in a PDF.
“Our questionnaires are demanding, and no one can fully comply with data protection. But even if you let us or our colleagues in other law firms and consultancies help you prepare for the new DPA, you should yourself keep an eye on the gaps. This is the only way you can set the right priorities, because not all of it is equally important.”
David Rosenthal, Partner, Head of the VISCHER Data & Privacy Team
“Very good and detailed questions and especially detailed and appropriate answer options.”
V.C., Project Lead
“I think the questions are excellent and will be able to get some benefit from the test report.”
“I enjoyed trying out your new tool once and think it’s great! My initial fear that everything is wrapped up in some vague data protection legalese was very quickly proven wrong and I think that’s what makes it enjoyable for companies!”
T.W., Data Protection Officer
“The tool is very good and could help me a lot to support clients.”
P.S., Leader of a Security Advisory Team
“The evaluation gives good indications. … Our purpose: Identify priorities of what still needs to be done, reporting to management (and the board of directors if they actually want to see it) and internal audit as well as providing confirmation to other internal stakeholders and external business partners.”
M.A., Compliance Officer
“Thank you very much David Rosenthal. I have already been able to try out this helpful tool as a client. It allows you to get a good overview of where you stand in the subject matter very quickly.”
“Everyone should now really be able to deal with this. No more excuses.”
A.O., Privacy Professional
“I have also tested it and find it super practical. Also as an overview for management. Thank you very much for your work.”
R.J., Service Manager
No name and no account is required.
Only a valid e-mail address.
You will not receive any advertising from us. We will only send you the result via e-mail.
VPS as an Excel for using it offline.
For those who want to carry out the VPS assessment regularly and do not want to re-enter all answers every time, we also offer VPS as an Excel tool. This allows the assessments to be carried out offline in your own environment and it is also possible to make subsequent changes to the answers (e.g., if a certain gap has been closed). It is also possible to integrate your own logo. A second worksheet provides tools to plan and manage your compliance work on the gaps identified and include comments (see screenshot). With the Excel, you can do an assessment for an entire company or only for one part of it (e.g., a specific department). The Excel contains all the assessment programs available online and more (e.g., the detailed assessment program, but without the data security sections). The Excel is bilingual (German, English), requires Excel 2016 or later and costs CHF 800 plus VAT for SMEs with up to 250 employees and CHF 3,400 plus VAT for larger companies (each as a one-time licence); this includes updates for six months. For advisors who wish to carry out assessments for their clients, we offer a “branded” version (if desired together with suitable templates and compliance tools that we use ourselves). It is possible to integrate the responses recorded online into an existing Excel (insofar the version is the same).
The VPS Assessment Programs.
The VISCHER Privacy Score has different assessment programs. You can select the preferred program below.
Attention: In the current test-version (“Public Beta”) we do not offer all assessments. Certain programs are not yet available. See also the legal notice at the end.
The questionnaire does not have to be filled out at once; there is the possibility of a “Save & Resume”. However, once the answers have been submitted, the questionnaire must be started over again if a new assessment is desired. For those who do not want to do this over and over again, we offer the Excel on which the assessment is based separately (see above). It can be filled out offline and changes can be made. That said, even if you use the online version, we will treat your data confidentially (see also the notes at the end).
VPS Detailed Assessment.
VPS Detailed Assessment is suitable for companies with more than 50 employees, with high-risk data processing or in cases where a more detailed assessment is desired.
VPS Small Businesses.
VPS Small Businesses is a simple and generic assessment for companies up to about 50 employees without risky data processing. It gives a first impression.
VPS Cloud Project.
VPS Cloud Project allows the assessment of cloud projects (without professional and official secrecy).
VPS Data Security.
VPS Data Security allows to assess the current level of data security and identify improvement potential.
When does the GDPR apply to your organization? In short, when you (i) are in the EEA (or UK), (ii) actively offer your goods or services to people in the EEA (or UK) (in the sense of “targeting”) or (iii) monitor people in the EEA (or UK) regarding their behaviour there (e.g. through online profiling), and if you work with personal data in such context. Operating a website that is accessible from the EEA, employing staff from the EEA or using a service provider from the EEA is not in itself sufficient for the GDPR to apply. Form C.1 at https://dsat.ch (free of charge, but only in German) provides a more detailed assessment.
Status of evaluation: 14 May 2023 – Status of online implementation: 16 May 2023
Privacy and confidentiality: You do not have to register or give your real name for any of the online assessments; you can have the reports delivered also to an anonymous email address. All information that you enter will appear in the PDF. The data is processed on the servers of Formstack.com in the USA (Formstack). Hence, only fill out the form if you agree to this. In the USA, where there is no adequate level of data protection, lawful access by US authorities is not excluded; data protection authorities from the EEA, may, however, not be able to access to such data. You can decide each time you use the form whether you want your data to be included in our maturity statistics – in this way you enable us to build up a database for creating a benchmark per industry sector which ultimately benefits everyone. However, we will treat your data confidentially either way.
The categories of recipients of any personal data are the service providers we use, in particular Formstack (USA), Microsoft (Ireland), PDF4me (Switzerland) and Hostpoint (Switzerland). We process and store any personal data mainly in Switzerland, the European Economic Area (EEA), the USA and, in exceptional cases, in any country in the world. When transferring personal data abroad, we rely on the standard contractual clauses of the European Commission and the consent of the data subjects. This website and related services are not directed at natural persons in the EEA and no behavioural monitoring is carried out; the Swiss Data Protection Act (DPA), not the GDPR applies insofar as personal data is collected. The controller is VISCHER AG (see below for contact details).
We use a single cookie on this website (for language selection storage); various cookies (for storing settings, for analytics and for managing the forms) are used on the Formstack forms, but without identifying the data subjects. They can be partially blocked in the user’s own browser (see your browser settings), which may, however, result in functional restrictions.
Legal notice: The VISCHER Privacy Score and the reports produced do not constitute legal advice and are provided without any warranty. Their use is at your own risk. However, please report any errors to us at email@example.com.