The ever more stringent legal requirements set clear guidelines for data protection. Data protection is central for the LLB Group. We are bound by the laws and the regulatory guidelines in Liechtenstein, Switzerland and Austria, as well as the specific requirements and circumstances in our target markets.
In the reporting year, LLB registered no substantiated complaints regarding breaches of client privacy or losses of client data.
EU General Data Protection Regulation
The General Data Protection Regulation (GDPR) has been binding throughout the EU and the EEA since 25 May 2019. It harmonises the rules on the recording and processing of personal data by companies and public authorities across the EU. Content-wise, the regulation provides, among other things, for the “right to be forgotten”, under which a person can have the data controller erase their data from the web. With the one-stop-shop mechanism, a person can notify the data protection authorities in their member state directly of any data breaches, regardless of where the breach occurred. The regulation provides individuals with the right to be informed about the processing of their data and sets out the requirements for contractual arrangements in relation to the processing of data by third parties and the transmitting of personal data to third countries. LLB has issued corresponding regulations for the whole Group and implemented the necessary organisational and technical adjustments in a timely manner.
Furthermore, in future it is intended that privacy on the internet and in electronic communications be governed by a separate e-privacy regulation. The relevant regulation is available in draft; the date of entry into force remains open.
Data Protection Act Liechtenstein / Switzerland
The completely revised Data Protection Act entered into force in Liechtenstein on 1 January 2019. The adaptation of the Swiss Data Protection Act to the new EU regulation is still in progress. Entry into force is not expected before 2020.