Supply Chain Management (SCM)

Companies rarely produce their products and service packages on their own. Instead, to provide services to their clients, they bring together a supply chain, a network of collaborating companies such as manufacturers, suppliers, distributors and third parties. These companies, especially those who use customer relationship management (CRM) systems, exchange information to deliver the product or service via SCM systems tied into their CRM system essentially based on a B2B portal and a web-based extranet.

This is mostly information about customer orders, the current order and delivery status, the special requirements of customers for product design and payment and address information. In addition, CRM practitioners often share the results of customer data analysis with their business partners, especially with regard to preferences for potential sales of products and services offered by individual business partners in the supply chain.

This customer-related information is of great interest for business partners to market their own products. Companies which use CRM are often keen to pass on potential customer leads identified by data mining or OLAP for projects outside their scope to appropriate supply chain partners in exchange for a monetary consideration. Such customer information is therefore often utilized for external cross-selling and up-selling.

The inter-company exchange and joint exploitation of customer data or customer-related analysis results, however, are subject to the Swiss and European data protection laws and are therefore legally tricky. Various legal requirements have to be met before customer data can be shared across the supply chain. We will help you set up and manage your supply chain in compliance with data protection laws.


Data Protection-Compliant Distribution

Non-conformity with data protection requirements anywhere in the supply chain can have practical legal consequences. Spiegel and other media reported in early October 2009, for example, that four partners of Deutsche Telekom had illegally accessed the company's data systems. The four partners have failed to comply with data protection obligations and the distribution methods they had agreed with Deutsche Telekom. In particular, sub-contractors of the four partners had without authorisation employed a call centre for telemarketing and gave them unlawful access to certain sales portals. Deutsche Telekom filed a criminal complaint. In addition, Deutsche Telekom demanded repayment of excessive commissions and also charged penalties for breach of contract. The amount came to some €1.5 million.

Schweizer Privacy Law
Hagenholzstrasse 81a
CH-8050 Zürich
Telefon: +41 (0)76 457 70 90