Website Compliance Analysis

We scan your digital presence against Swiss and EU regulations and give you a clear report of what needs fixing. FADP, GDPR, cookie consent, privacy policy, impressum.

We scan your digital presence against Swiss and EU regulations and give you a clear report of what needs fixing.

What we check

Your website, apps, and digital tools are subject to Swiss and European data protection regulations. Non-compliance is not a theoretical risk — it results in fines, customer complaints, and reputational damage.

We run a structured, technical analysis of your digital presence and deliver a clear report with specific findings and recommended fixes.

Swiss data protection (FADP/DSG)

The revised Swiss Federal Act on Data Protection (nFADP/revDSG) has been in force since September 2023. We check:

  • Data processing transparency — is it clear what personal data you collect, why, and how long you keep it?
  • Legal basis for processing — do you have valid consent, contractual necessity, or legitimate interest for each data processing activity?
  • Cross-border data transfers — are you transferring data outside Switzerland? If so, do you have adequate safeguards?
  • Data subject rights — can users access, correct, or delete their data? Is the process clear and functional?
  • Data breach procedures — do you have a process for detecting and reporting data breaches to the FDPIC within 72 hours?

GDPR compliance

If you serve customers in the EU or EEA, GDPR applies — even if your company is in Switzerland. We check:

  • EU representative — have you designated one if required under Art. 27 GDPR?
  • Records of processing activities — are they complete and current?
  • Data Processing Agreements — are they in place with all processors?
  • Privacy by design and by default — are your systems configured accordingly?
  • International transfer mechanisms — Standard Contractual Clauses, adequacy decisions, or other safeguards?

The most visible compliance issue — and the one most sites get wrong.

  • Cookie banner implementation — does it meet legal requirements (not just a “we use cookies” notice)?
  • Prior consent — are non-essential cookies actually blocked before consent is given?
  • Granular choices — can users accept/reject categories individually?
  • Consent records — are you logging proof of consent?
  • Third-party scripts — are analytics, marketing, and social media pixels loading before consent?

Privacy policy review

Your privacy policy is a legal document. We check it against current requirements:

  • Completeness — does it cover all required disclosures under FADP and GDPR?
  • Accuracy — does it match what your website actually does?
  • Readability — is it understandable to a non-lawyer?
  • Accessibility — is it easy to find from every page?
  • Currency — does it reflect your current data processing practices?

Data processing inventory

We help you map your data processing landscape:

  • What data you collect across all digital touchpoints
  • Where it goes — which third parties, servers, and countries
  • Who has access — internal roles and external processors
  • How long it is kept — retention periods and deletion practices
  • What protects it — encryption, access controls, backups

Impressum compliance

Swiss law requires specific information on commercial websites. We verify:

  • Company identification — legal name, UID, registered address
  • Contact information — functional email and/or phone
  • Professional regulations — if applicable, references to relevant professional body
  • VAT registration — if applicable

What you get

A structured compliance report with:

  1. Executive summary — overall compliance status and priority issues
  2. Detailed findings — each issue documented with the specific legal requirement it violates
  3. Risk assessment — severity rating for each finding (critical, high, medium, low)
  4. Recommended fixes — specific, actionable steps to resolve each issue
  5. Technical evidence — screenshots, code snippets, and configuration details

The report is delivered within 10 business days. No legal advice — we provide a technical compliance analysis that your legal team or DPO can act on.

Who this is for

  • Swiss companies with websites, apps, or digital services
  • Companies serving EU customers from Switzerland
  • Startups preparing for their first compliance audit
  • Agencies who need compliance checks for client websites
  • DPOs and compliance officers who want an independent external review

Get started

Send us your website URL and a brief description of your digital services. We will scope the analysis and get back to you within one business day.

Request a compliance analysis