We take an active part in all projects to ensure that our security standards are followed and that risks are properly identified and mitigated as early as possible. We engage in all secure data processing requirements as mandated by the Protection Requirement Analysis, a directive issued by the Federal Delegate for Cybersecurity in Switzerland. We ensure consistent local implementation within all SPS entities.
When we speak about personal identifiable information (PII), we make sure that all our activities in relation with data processing are compliant with the data protection requirements applicable; for example, in EU countries the General Data Protection Regulation (GDPR) is valid and it establishes a set of mandatory controls for how we treat and protect information related to individuals.