Is it possible to collect customer lists?

ByPascal Rytz Hours Posted on

Is it possible to collect customer lists?

"Is it legal to collect biometric data or customer lists? Can this information be transferred abroad?

Marco, Geneva.

Personal data is a precious asset for companies, the authorities and every individual concerned about respect for their privacy. Today, personal data is no longer limited to a name and telephone number, but also includes fingerprints, voice, image and biometrics.

Legislation guarantees a right of control over this data, known as the right to informational self-determination, by virtue of articles 13 and 36 of the Constitution, articles 28 et seq. of the Civil Code concerning the protection of the private sphere and, above all, the Federal Data Protection Act (LPD) and the Federal Act on the principle of transparency in the administration (LTrans).

Without being exhaustive, the main principle of the DPA can be summed up as the defence of the right of every individual to have access to information about him or herself collected by private individuals or by the authorities, who must in their actions: respect the principle of proportionality (involve as little data as possible) and ensure that the collection is lawful in terms of its purpose and means (prohibition of recording someone without their knowledge). For the purpose of data collection to be lawful, there must be a legal basis, an overriding interest, such as a police investigation, or the informed consent of the person concerned. Any abuse can be reported to the Federal Data Protection Commissioner, who is the supervisory authority in this area.

To address the problem of increasing cross-border flows of personal data, due in particular to the outsourcing of databases abroad, the Council of Europe has established a Convention similar in spirit to the DPA. Anyone wishing to transfer data abroad must therefore ensure that the foreign country guarantees protection comparable to that in force in Switzerland or, failing that, organise similar protection, obtain the consent of the data owner or be able to invoke an overriding interest such as the defence of a legal right.

A lawyer since 1998, Pascal Rytz has founded several law firms in Geneva and the canton of Vaud. He specialises in real estate and construction law and has 25 years' experience in business law.

Atypical and visionary, he combines legal expertise and new technologies to simplify access to the law. A columnist for the Tribune de Genève for 20 years, he makes it a point of honour to make the law accessible to everyone.

His philosophy: "Think outside the box".

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *