Data protection made simple and scalable for Swiss SMEs

The new Federal Act on Data Protection (nFADP) is in force. All Swiss companies must show how they protect personal data or face inspections, lost deals, and reputational risk.

keyIT helps you stay compliant without overloading your teams. Start with a fast, fixed-price compliance audit, then choose the right level of support for your business.

Get the free guide: Understand your obligations, see what’s included in each bundle and plan your next steps.

Download the Full Guide

Our modular data protection bundles

Audit Flash 360° - Fixed-price compliance check (CHF 1’990.–)

A fast, structured audit designed for small businesses.

You receive:

  • A compliance score based on 27 key questions (nFADP + GDPR if relevant)
  • A concise results report (PDF)
  • A prioritized remediation plan
  • A debrief session with a keyIT expert

Before you can protect data or invest in compliance, you need to know your current gaps.
Audit Flash 360° is the essential starting point - whether you're a startup or a growing SME.

Essential Bundle

Includes:

  • Full nFADP audit report
  • Registry for 3 data assets and 3 processing activities
    (legal basis, retention, sensitive data, security measures, etc.)
  • Documentation for 3 international data transfers
  • Incident and breach log
  • Online rights request channel
  • Custom privacy policy
  • 1 day of external DPO support per quarter

Best for SMEs with 20–50 employees
Handling HR, client, or patient data, using tools like Microsoft 365 or Google Workspace.

Advanced Bundle

Includes everything in the Essential Bundle, plus:

  • Registry for 5 data assets and 5 processing activities
  • Flow mapping (Sankey diagram or hierarchical tree)
  • Lifecycle records & purge recommendations
  • 1.5 days of external DPO support per quarter

Best for SMEs with 50–249 employees
Exposed to sensitive data and complex subcontractor ecosystems.

Expert Bundle

Includes everything in the Advanced Bundle, plus:

  • Data Protection Impact Assessment (DPIA) for high-risk processing
  • Contract registry (subprocessors, transfers, etc.)
  • Compliance file ready for Swiss regulator (FDPIC) audits
  • External DPO support tailored to your specific needs

Best for regulated sectors
Health, legal, finance, education, or SaaS companies with high-risk or international data flows.

External DPO support (DPO-as-a-Service)

Each bundle includes quarterly support from a keyIT's Data Protection and Compliance Expert — provided through our external DPO service (DPO-as-a-Service).

This means you don’t need to hire an internal DPO. You get regular help to maintain compliance and be ready for audits or client reviews.

What’s included:

  • Follow-up on audit recommendations
  • Updates to the data processing register and records
  • Monitoring of legal and regulatory changes
  • Preparation for potential FDPIC audits
  • Updates to key compliance documents (privacy policy, register, rights request channel)

Your compliance documentation is managed directly in Dastra - a platform built for SMEs. It centralizes all key records, automates updates, and ensures full traceability for audits and client reviews, with minimal effort on your side.

Benefits for your SME:

  • No internal workload for legal monitoring
  • Expert help — just when you need it
  • Better readiness for audits and client due diligence

Why Swiss SMEs Choose keyIT

  • Local Swiss experts in cybersecurity, governance, and compliance
  • Flexible, scalable services to match your needs and budget
  • Process automation with Dastra to streamline compliance 
  • Continuous guidance with our external DPO services 

To reinforce your compliance strategy, keyIT also provides IT Governance & Standards Services that help SMEs align with recognized frameworks like ISO 27001 and NIST for structured, risk-based IT management.

Une groupe de travail qui analyse des documents

You can also learn how keyIT can manage your IT infrastructure, so you stay focused on your business goals while we ensure operational security and efficiency.

Have any questions? Book a 30-min call with our expert to discuss your needs.

Why Act Now?

  • nLPD is enforceable today - audits and financial penalties can hit any unprepared company. 
  • Clients and partners increasingly demand formal proof of compliance.
  • Addressing compliance proactively reduces risk and protects your reputation.

Start with our Audit Flash 360° to benchmark your current status — in just a few hours, you’ll have clarity and a plan.

Get Compliant with Confidence

Download our full PDF guide to see detailed deliverables, pricing, and how our modular bundles support your compliance journey — step by step.

Download the Full Guide

Prefer email? Send us a message at sales@keyit.ch and we’ll get back to you quickly.