IT Marketing and the nDSG: Data Privacy-Compliant IT Marketing for IT Companies in Switzerland

How IT Companies Can Implement the nDSG in Their IT Marketing and Use It as a Competitive Advantage

IT Marketing for IT and Software Companies in Germany

The new Swiss Data Protection Act (nDSG) has been in effect since September 2023. This has far-reaching consequences for IT companies that conduct marketing activities in Switzerland – from lead generation and email marketing to marketing automation. This article explains the most important requirements – and how nDSG compliance can become a factor that builds trust.

What the nDSG means for IT Marketing in Switzerland

The nDSG significantly strengthens the rights of data subjects and imposes stricter obligations on companies that process data. For IT marketing, the implications are concrete and immediate: Every interaction with potential customers – filling out forms, subscribing to newsletters, downloading white papers, visiting websites—is relevant under data protection law.

IT companies that have been operating in accordance with GDPR principles are well-positioned, but they must be familiar with the specific requirements of the nDSG. Those that have not yet systematically implemented either the GDPR or the nDSG face a clear need for action.

The most important nDSG requirements in IT Marketing

Duty to Provide Information and Transparency

When collecting personal data – whether through contact forms, lead magnets, newsletter sign-ups, or event registrations – it must be clearly communicated what data is being collected, for what purpose, and how long it will be stored. This information must be available at the time of collection, not only upon request.

Consent for the Use of Tracking Tools

Cookies and tracking scripts that go beyond what is technically necessary for the operation of the website – that is, analytics, marketing, and remarketing tools such as Google Analytics, LinkedIn Insight Tag, or HubSpot tracking – may only be set with active, informed consent. Cookie consent management that complies with data protection regulations is mandatory, not optional.

Email Marketing and Opt-In Requirements

Sending marketing emails requires explicit consent. Double opt-in processes are best practice and provide legally sound documentation of consent. Existing contact lists must be carefully reviewed: Contacts without documented consent may not be used for marketing emails.

Using Marketing Automation in Compliance with Data Protection Laws

Platforms such as HubSpot, Marketo, or Salesforce Marketing Cloud must be configured in compliance with data protection laws for use in the Swiss market. This applies to data hosting (ideally in Switzerland or the EU), the conclusion of data processing agreements (DPAs) with all service providers, and the configuration of tracking and profiling functions.

nDSG Compliance as a differentiator in IT Marketing

What many IT companies perceive as a bureaucratic burden is actually a strategic opportunity. Especially in the B2B IT sector, where decision-makers are particularly sensitive to data protection issues and IT service providers regularly conduct their own data protection audits of their suppliers, demonstrable nDSG compliance is a strong sign of trust.

IT companies that actively promote data protection-compliant communication, transparent opt-in processes, and clear privacy notices set themselves apart from competitors who neglect these issues. Compliance thus transforms from a cost factor into a competitive advantage.

Checklist: nDSG-Compliant IT Marketing Practices

  • Update the privacy policy on the website and adapt it to the nDSG
  • Implement a cookie consent management system (e.g., Borlabs Cookie, Cookiebot, Usercentrics)
  • Clean up email marketing lists and switch opt-in processes to double opt-in
  • Check marketing automation tools (HubSpot) for data protection compliance and configure them
  • Enter into data processing agreements (DPAs) with all relevant marketing service providers
  • Establish an internal process for requests for access and deletion
  • Train marketing staff on nDSG requirements

Conclusion: nDSG-Compliant IT Marketing as a Sign of Professionalism

The nDSG is not a bureaucratic obstacle, but an invitation to professionalize. IT companies that consistently align their marketing processes with the new requirements not only protect themselves from fines and reputational risks—they also send a clear signal to their target customers: We take data protection seriously. And in the IT industry, that’s an argument that counts.

Request a consultation on IT Marketing and the nDSG now

Find out how IT marketing can help your business grow during an initial, no-obligation consultation. We look forward to speaking with you.

    First Name *
    Last Name *
    Business E-Mail*
    Telephone
    Company *
    Message *
    I agree to the collection and processing of my data from the contact form. For more information, see our Privacy Policy.