The new Swiss Data Protection Act came into effect on September 1, 2023, and applies to all companies in Switzerland. They must now fulfill extensive information and documentation obligations.
In particular, the creation of the record of processing activities plays a central role and forms the basis for the entire data protection documentation.
caralegal provides you with step-by-step guidance towards achieving FADP-compliant data protection documentation.
caralegal is your single source of truth for data protection, linking all required documents.
Manage record of processing activities centrally
Document data protection impact assessment without extra effort
Plan and implement technical and organisational measures
With intuitive workflows, caralegal helps you establish structured processes, ensuring you have a detailed understanding of practical requirements.
Manage information requests
Document data protection breaches in compliance with the FADP
Easily identify your data inventory
Thanks to numerous examples, explanations and templates, caralegal shows you what really matters in data protection management.
More than 400 templates for processing activities
Evaluate and release data processors in a legally compliant manner
Context-sensitive recommended actions
Thanks to the structured workflow, you compile all legally required information step by step.
Set processing purpose
Define categorisation of personal data
Document retention periods
Your processing activities are linked to all documents in caralegal, such as:
Data processor
Data protection impact assessment
Technical and organisational measures
For the creation of a RoPA, data protection experts and business units efficiently collaborate in caralegal:
Assign responsibilities
Use the comment and task functions
Apply the easy approval process
Frequently asked questions / FAQs
Identity of the responsible person
Processing purpose
Description of the categories of data subjects and the categories of personal data processed
Categories of recipients
Retention period of the personal data or the criteria for determining this period
General description of the measures taken to ensure data security (appropriate technical and organisational measures that enable data security breaches to be avoided).
if the data are disclosed abroad, the indication of the country and the guarantees by which appropriate data protection is ensured