Unlike the EU General Data Protection Regulation (GDPR), the revised Swiss Data Protection Act (DPA) imposes personal fines for various violations. Management and the board of directors are also subject to those fines if they fail to undertake the necessary steps to ensure or restore data protection compliance. This includes asking for regular reports and acting upon them. VPS can be used to obtain an overall picture of the compliance status.

VPS can also help the data protection office or outside advisor to identify the need for action at the company or department and to keep an overview – also in terms of data security.

If you already have external help for your own data protection compliance: Do the assessment in advance and send your advisor the report generated by VPS. This will help them to better and more quickly assess your situation and define the necessary steps, including the documents that need to be created for you. This will save you time and money.

For those who want to carry out the VPS assessment regularly and do not want to re-enter all answers every time, we also offer VPS as an Excel tool. This allows the assessments to be carried out offline in your own environment and it is also possible to make subsequent changes to the answers (e.g., if a certain gap has been closed). It is also possible to integrate your own logo. A second worksheet provides tools to plan and manage your compliance work on the gaps identified and include comments (see screenshot). With the Excel, you can do an assessment for an entire company or only for one part of it (e.g., a specific department). The Excel contains all the assessment programs available online and more (e.g., the detailed assessment program, but without the data security sections). The Excel is bilingual (German, English), requires Excel 2016 or later and costs CHF 800 plus VAT for SMEs with up to 250 employees and CHF 3,400 plus VAT for larger companies (each as a one-time licence); this includes updates for six months. For advisors who wish to carry out assessments for their clients, we offer a “branded” version (if desired together with suitable templates and compliance tools that we use ourselves). It is possible to integrate the responses recorded online into an existing Excel (insofar the version is the same).

The VISCHER Privacy Score has different assessment programs. You can select the preferred program below.

Attention: In the current test-version (“Public Beta”) we do not offer all assessments. Certain programs are not yet available. See also the legal notice at the end.

The questionnaire does not have to be filled out at once; there is the possibility of a “Save & Resume”. However, once the answers have been submitted, the questionnaire must be started over again if a new assessment is desired. For those who do not want to do this over and over again, we offer the Excel on which the assessment is based separately (see above). It can be filled out offline and changes can be made. That said, even if you use the online version, we will treat your data confidentially (see also the notes at the end).

VPS Small Businesses is a simple and generic assessment for companies up to about 50 employees without risky data processing. It gives a first impression.

VPS Data Security allows to assess the current level of data security and identify improvement potential.

Privacy and confidentiality: You do not have to register or give your real name for any of the online assessments; you can have the reports delivered also to an anonymous email address. All information that you enter will appear in the PDF. The data is processed on the servers of Formstack.com in the USA (Formstack). Hence, only fill out the form if you agree to this. In the USA, where there is no adequate level of data protection, lawful access by US authorities is not excluded; data protection authorities from the EEA, may, however, not be able to access to such data. You can decide each time you use the form whether you want your data to be included in our maturity statistics – in this way you enable us to build up a database for creating a benchmark per industry sector which ultimately benefits everyone. However, we will treat your data confidentially either way.

The categories of recipients of any personal data are the service providers we use, in particular Formstack (USA), Microsoft (Ireland), PDF4me (Switzerland) and Hostpoint (Switzerland). We process and store any personal data mainly in Switzerland, the European Economic Area (EEA), the USA and, in exceptional cases, in any country in the world. When transferring personal data abroad, we rely on the standard contractual clauses of the European Commission and the consent of the data subjects. This website and related services are not directed at natural persons in the EEA and no behavioural monitoring is carried out; the Swiss Data Protection Act (DPA), not the GDPR applies insofar as personal data is collected. The controller is VISCHER AG (see below for contact details).

We use a single cookie on this website (for language selection storage); various cookies (for storing settings, for analytics and for managing the forms) are used on the Formstack forms, but without identifying the data subjects. They can be partially blocked in the user’s own browser (see your browser settings), which may, however, result in functional restrictions.

Legal notice: The VISCHER Privacy Score and the reports produced do not constitute legal advice and are provided without any warranty. Their use is at your own risk. However, please report any errors to us at dataprivacy@vischer.com.

Assessments/Excel: David Rosenthal, VISCHER Ltd.
Backend/Automation: David Koelliker, VISCHER Ltd.
Website: Lucian Hunger, VISCHER Ltd.

Video: iStock.com/Mystockimages