Data protection
The ever more stringent legal requirements set clear guidelines for data protection. Data protection is central for the LLB Group. We are bound by the laws and the regulatory guidelines in Liechtenstein, Switzerland and Austria, as well as the specific requirements and circumstances in our target markets. In the reporting year, LLB registered no substantiated complaints regarding breaches of client privacy or losses of client data.
EU General Data Protection Regulation
The General Data Protection Regulation (GDPR) entered into force in the European Union on 24 May 2016. It harmonises the rules on the recording and processing of personal data by companies and public authorities across the EU. It aims to ensure the protection of data and guarantee the free movement of data within the EU. Following a two-year transition period, the regulation has been binding throughout the European Union since 25 May 2018. It establishes a uniform legal basis for data protection across the EU for the first time.
The content of the regulation has brought about various significant changes: New is the “right to be forgotten”, under which a person can have the data controller erase their data from the web. New is also the one-stop-shop mechanism, under which a person can notify directly the data protection authorities in their member state of any data breaches, regardless of where the breach occurred.
The regulation also provides in part for stricter regulations on key aspects of the data protection law: for instance, informing a person about the processing of their data, making contractual arrangements for the processing of data by third parties and transmitting personal data to third countries. LLB has established corresponding rules which are applicable throughout the Group and implemented the necessary organisational and technical adjustments in a timely manner.
Data Protection Act Liechtenstein / Switzerland
The complete revision of the Data Protection Act in Liechtenstein entered into force on 1 January 2019. The adaptation of the Swiss Data Protection Act to the new EU regulation is still in progress. Entry into force is not expected before 2020.