BIM model checking functions in cooperation with Solibri are live! Learn more

“We create trust with our customers through transparency”

The new data protection law has been in force in Switzerland since September 1.
Data protection and IT security are therefore a high priority for Mischa Trecco, CTO of smino.
In this interview, he gives his views and tips for the future.

September-12-2023

The new Swiss Data Protection Act (DPA) has been in force since September 1, 2023.
It replaces the previous Data Protection Act of 1992 and introduces a number of innovations.
The most important changes are:

  • Greater alignment with the European Union’s General Data Protection Regulation (GDPR).
  • An extension of the scope of application of the FADP to all companies that process personal data, regardless of their size.
  • Strengthening the rights of data subjects, in particular the right of access, rectification, erasure and objection.
  • Stricter sanctions for data protection violations.

The new DPA is an important step towards strengthening data protection in Switzerland.
However, it will also present companies with new challenges.
They will have to adapt their data protection processes and ensure that they meet the new requirements.

Mischa, you’ve already had to deal intensively with legal paragraphs this year.
What does the new data protection law mean for smino?

Mischa Trecco: Ensuring the security of our software and the protection of sensitive data is of the utmost importance to us and our customers.
The General Data Protection Regulation (GDPR) already required us to meet high standards.
With the new Data Protection Act, the topic is even more important for us in Switzerland.
We have recently focused on transparency – among other things, we have revised our data protection provisions, General Terms and Conditions (GTC) and data processing agreements (DPA).
We attach great importance to being transparent with our customers and giving them a clear understanding of how we protect their data.
This topic is a very high priority for us.

MT: We ensure that our data protection policies and procedures are clear and understandable so that our customers know how their data is used and protected.
We also promote and demand a culture of transparency internally by informing and training our developers and the entire team about security policies and procedures.
Everyone needs to understand how security is integrated into our software development and what role they play in it.
Through transparency, we create trust with our customers and strengthen our relationship with them.
We want them to know that we protect their data and that we are always ready to answer questions or discuss concerns.
By strengthening our internal security measures, we are also shortening the response time to potential security incidents through optimized processes and new incident response management tools.

Do you have an example of where this transparency exists?

MT: In our General Terms and Conditions (GTC), for example, we provide detailed information about our sub-processors, also known as sub-processors.
Before we work with them, we carefully check which data we pass on to them and whether they handle this data in accordance with data protection regulations.
We attach great importance to a thorough analysis of these aspects and also have them checked by specialist lawyers.
In this way, we ensure that customer data is handled securely and in compliance with data protection regulations.

We often read that many companies are still inadequately prepared in terms of cyber security and data protection.
What is the truth of this?

MT: Companies would do well to comply with data protection laws. According to PWC, fines of up to CHF 250,000 may be imposed for violations of the new law.
Imposing such fines is already common practice in other countries.
In Germany in 2023, for example, an average of 2.8 million euros was due per violation of the General Data Protection Regulation (GDPR), as data from Statista.com shows.
Investments in data protection and IT security are not only necessary, they are often vital for survival.
According to PWC, only 40% of Swiss companies are still adequately prepared for emerging cyber risks.
This urgently needs to change.

What security measures has smino implemented to ensure the integrity, confidentiality and availability of data?

MT: We are guided by the highest security standards.
Firstly, we use a secure infrastructure for storing data.
Our cloud platform is regularly audited and has multiple layers of security, including firewalls, intrusion detection systems and data encryption to prevent unauthorized access.
Secondly, regular and reliable backup processes are implemented to ensure that data is secured and recoverable.
Backups are stored in secure and redundant storage systems to ensure that data is protected not only from technical failures but also from physical damage.
We continuously monitor the backup process to ensure that it is carried out properly and that the data is backed up reliably and in compliance with data protection regulations.
In addition, we use advanced encryption technologies to ensure the integrity and confidentiality of the data during transmission.
This ensures that data is protected when it is transmitted over the internet.
We treat customer data properly and with the utmost responsibility and care.
In short, smino has a high level of security.
We take security very seriously and are continuously improving our security measures to be prepared for the latest threats and challenges.

What can you recommend to companies that are unsure and are holding back on digitalization for fear of taking a risk?

MT: First of all – it’s completely understandable to be unsure and sometimes bypassing digitalization issues in the spirit of “never change a running system” seems like the easy way out.
Unfortunately, however, this is not sustainable.
Those who close their minds to the topic will lose out to their competitors in the long term.
Digitization is a no-brainer today.
My recommendation is therefore that you should definitely get to grips with the topic in order to understand the opportunities and, of course, the risks.
It certainly makes sense to get support from experts in certain areas.
The good news is that you don’t have to be an absolute professional to protect yourself against some risks. A good example is to use cloud solutions: These providers have already dealt with risks immediately and usually guarantee high security standards.
This already allows you to make really big leaps in digitalization, enjoy all the associated benefits and improvements and still remain data protection compliant.
So despite all the news about cyberattacks and the requirements of data protection, you shouldn’t let yourself be thrown off course.
Avoiding digitalization is definitely not a solution.

You’ve been with smino practically from the start.
Which feature are you most proud of from a developer’s point of view?

MT: That’s not an easy question [laughs].
smino is very broad and there are an enormous number of features that have gone into it.
In terms of the technical challenge and complexity, project export is a crucial aspect.
This function makes it possible to easily export all data in PDF format.
This process is technically very complex given the amount of information (logs, tasks, conversations, files, journals, approvals, …), individually protected by fine granular permissions and it means a significant effort to ensure that the final ZIP package can be downloaded smoothly.
In addition, we have implemented a global search function that makes it possible to easily search through all content.
I am proud of this feature as it has the potential to provide even more benefits to users.
The improved accessibility to information has already delighted many users and I am convinced that we can exploit even more potential here.
Another reason to be happy is the protocol feature, for which I wrote the first line of code six years ago.
It was a response to the challenges in the industry and has proven its worth ever since.
It’s fantastic to see how we’ve been able to simplify users’ lives with this feature.
And last, but not least – one of the coolest features from a developer’s point of view is the seamless linking of all functions.
The interplay of the various features brings real added value and makes it possible to work smoothly with smino.

Thank you very much Mischa, very exciting!
