Data protection

The ever more stringent legal requirements provide clear guidelines for data protection. Data protection is central for the LLB Group. In 2017, the Group Information Security Department received no alerts from the persons responsible for data security in the Group companies. We are bound by the laws and the regulatory guidelines in Liechtenstein, Switzerland and Austria, as well as the specific requirements and circumstances in our target markets.

Liechtenstein/Switzerland

The LLB Group implemented in 2016 the latest Swiss standards on dealing with risks associated with electronic client data. Switzerland is currently working on a revision of its Data Protection Act, which should bring it into line with the EU General Data Protection Regulation (EU GDPR)

EU General Data Protection Regulation

The EU General Data Protection Regulation entered into force in the European Union on 24 May 2016. It harmonises the rules on the recording and processing of personal data by companies and public authorities across the EU. It aims to ensure the protection of data and guarantee the free movement of data within the EU. After a two-year transition period, the Regulation will be binding throughout the European Union from 25 May 2018. The GDPR establishes a uniform legal basis for data protection across the EU for the first time.

The content of the Regulation brings various significant changes: New is the “right to be forgotten”, under which a person can have the data controller erase their data from the web. New is also the “one-stop-shop mechanism”, under which a person can notify directly the data protection authorities in their member state of any data breaches, regardless of where the breach occurred.

The Regulation also provides in part for stricter rules on key aspects of the data protection law: for instance, informing a person about the processing of their data, making contractual arrangements for the processing of data by third parties and transferring personal data to third countries.

The EEA is currently in the process of taking over the GDPR. As an EEA member, Liechtenstein has therefore initiated a complete revision of its Data Protection Act. The LLB Group has established rules which are applicable throughout the company and started to implement the necessary organisational and technical adjustments