Website Compliance Analysis

We scan your digital presence against Swiss and EU regulations and give you a clear report of what needs fixing. FADP, GDPR, cookie consent, privacy policy, impressum.

We scan your digital presence against Swiss and EU regulations and give you a clear report of what needs fixing.

What we check

Your website, apps, and digital tools are subject to Swiss and European data protection regulations. Non-compliance is not a theoretical risk. It results in fines, customer complaints, and reputational damage.

We run a structured, technical analysis of your digital presence and deliver a clear report with specific findings and recommended fixes.

Swiss data protection (FADP/DSG)

The revised Swiss Federal Act on Data Protection (nFADP/revDSG) has been in force since September 2023. We check:

  • Data processing transparency. Is it clear what personal data you collect, why, and how long you keep it?
  • Legal basis for processing. Do you have valid consent, contractual necessity, or legitimate interest for each data processing activity?
  • Cross-border data transfers. Are you transferring data outside Switzerland? If so, do you have adequate safeguards?
  • Data subject rights. Can users access, correct, or delete their data? Is the process clear and functional?
  • Data breach procedures. Do you have a process for detecting and reporting data breaches to the FDPIC within 72 hours?

GDPR compliance

If you serve customers in the EU or EEA, GDPR applies, even if your company is in Switzerland. We check:

  • EU representative. Have you designated one if required under Art. 27 GDPR?
  • Records of processing activities. Are they complete and current?
  • Data Processing Agreements. Are they in place with all processors?
  • Privacy by design and by default. Are your systems configured accordingly?
  • International transfer mechanisms. Standard Contractual Clauses, adequacy decisions, or other safeguards?

The most visible compliance issue, and the one most sites get wrong.

  • Cookie banner implementation. Does it meet legal requirements (not just a “we use cookies” notice)?
  • Prior consent. Are non-essential cookies actually blocked before consent is given?
  • Granular choices. Can users accept/reject categories individually?
  • Consent records. Are you logging proof of consent?
  • Third-party scripts. Are analytics, marketing, and social media pixels loading before consent?

Privacy policy review

Your privacy policy is a legal document. We check it against current requirements:

  • Completeness. Does it cover all required disclosures under FADP and GDPR?
  • Accuracy. Does it match what your website actually does?
  • Readability. Is it understandable to a non-lawyer?
  • Accessibility. Is it easy to find from every page?
  • Currency. Does it reflect your current data processing practices?

Data processing inventory

We help you map your data processing landscape:

  • What data you collect across all digital touchpoints
  • Where it goes. Which third parties, servers, and countries.
  • Who has access. Internal roles and external processors.
  • How long it is kept. Retention periods and deletion practices.
  • What protects it. Encryption, access controls, and backups.

Impressum compliance

Swiss law requires specific information on commercial websites. We verify:

  • Company identification. Legal name, UID, registered address.
  • Contact information. Functional email and/or phone.
  • Professional regulations. If applicable, references to relevant professional body.
  • VAT registration. If applicable.

What you get

A structured compliance report with:

  1. Executive summary. Overall compliance status and priority issues.
  2. Detailed findings. Each issue documented with the specific legal requirement it violates.
  3. Risk assessment. Severity rating for each finding (critical, high, medium, low).
  4. Recommended fixes. Specific, actionable steps to resolve each issue.
  5. Technical evidence. Screenshots, code snippets, and configuration details.

The report is delivered within 10 business days. We do not provide legal advice. We provide a technical compliance analysis that your legal team or DPO can act on.

Who this is for

  • Swiss companies with websites, apps, or digital services
  • Companies serving EU customers from Switzerland
  • Startups preparing for their first compliance audit
  • Agencies who need compliance checks for client websites
  • DPOs and compliance officers who want an independent external review

Get started

Send us your website URL and a brief description of your digital services. We will scope the analysis and get back to you within one business day.

Request a compliance analysis