News & Events Now Listed: EU – US Data Privacy Framework (DPF)

Bucher + Suter now has an official listing on the EU-U.S. Data Privacy Framework (DPF) program.  

You may be familiar with DPF, especially if your products and services deal with personal data of any kind. You may have seen that in 2022, for example, Amazon Web Services welcomed the arrival of DPF. In 2024, on the strength of DPF, AWS announced plans to invest €7.8 billion in the AWS European Sovereign Cloud in Germany. 

Why is there such strong interest in protecting and regulating transatlantic data transfer? And what does it mean for you that the DPF has listed your solutions provider?

It helps to understand a bit of background. From the official DPF Program Overview:  

Organizations participating in the EU-U.S. DPF may receive personal data from the European Union / European Economic Area in reliance on the EU-U.S. DPF effective July 10, 2023. July 10, 2023 is the date of entry into force of the European Commission’s adequacy decision for the EU-U.S. DPF and the effective date of the EU-U.S. DPF Principles, including the Supplemental Principles and Annex I of the Principles. The adequacy decision enables the transfer of EU personal data to participating organizations consistent with EU law.

To qualify for DPF, organizations must adhere to strict requirements, including: 

• Stringent Data Protection: Participants are required to implement and abide by strong data protection measures to safeguard personal information. 
• Transparent Accountability: Maintain transparent accountability measures, including regular compliance monitoring and enforcement mechanisms.
• Streamlined Data Transfers: Facilitate streamlined data transfers between the EU/EEA/Switzerland and the US.
• Legal Assurance: Comply with relevant data protection laws, providing legal assurance for customers.
• Proactive Risk Mitigation: Proactively addresses potential cyber threats and data breaches.

As operations and data transfer extend beyond domestic, regional, and international borders, data privacy compliance becomes more complicated. Beyond breaching customer trust, non-compliance issues—intentional or not—can be costly. For example, Meta recently incurred a 1.2 billion Euro fine for GDPR violations. 

In response to our recent DPF listing, we asked Martin Wuethrich, Chief Executive Officer (CEO) at Bucher + Suter, to weigh in:  

At Bucher + Suter, trust and security are at the core of everything we do. Joining the Data Privacy Framework (DPF) is a strong statement for data security in international data exchange. It ensures that our customers’ data is legally and securely transferred between Europe and the U.S., reinforcing our commitment to compliance, transparency, and data protection.

– Martin Wüthrich, Bucher + Suter CEO

First and foremost, working with a DPF-listed providers means peace of mind. Any organization, but especially one operating in the contact center space, not only wants to know their data transfers are safe and compliant—they must be sure of it.  

The stakes are too high, especially in such a strictly regulated environment. Today, Swiss data laws rank among the strongest in the world, as do the EU’s. Among modern consumers, safeguarding personal data remains a core trust imperative. 

For our customers, this means peace of mind. They know that their data is processed worldwide with one of the highest levels of protection. The DPF eliminates legal uncertainties, simplifies compliance, and strengthens contractual safeguards for businesses, especially those in regulated industries.

– Dionys Henzen, CISO, Bucher + Suter 

What’s more, DPF compliance underscores the ways in which a fierce commitment to data protection extends to every aspect of our solutions-building capabilities.  

Data, for example, must be top of mind when deploying and scaling contact center AI—especially as contact centers move toward autonomous agentic AI use cases.  

Similarly, customer authentication and fraud detection use cases come to mind, both of which deal directly with sensitive customer and company data.   

Of course, data protection must be accompanied by data security. High-security data centers for private cloud contact center deployments, for example. Secure voice automation, a topic that Jürgen Schick, Bucher + Suter’s Chief Sales Officer, explored in a recent interview.  

All of which now have the DPF stamp of approval, which should be welcome news for our clients, partners, and the customers they serve. 

The privacy of our customers’ data is our top priority, and we are committed to protecting it with the highest standards of security and transparency. We lead with privacy and security at the core of our business. The DPF aligns with GDPR, ensuring that customer data is protected, no matter where it’s processed.

– Dionys Henzen, CISO, Bucher + Suter 

Our official listing on the EU-U.S.DPF program is more than just a compliance milestone—it’s a testament to our unwavering commitment to data protection and security. For our clients, partners, and their customers, this means knowing that their data is handled with the highest level of care and protection. 

As our CISO rightly emphasized, the DPF listing reduces legal uncertainties, simplifies compliance, and strengthens contractual safeguards, especially for businesses in regulated industries.  

In a world where data breaches can cost both financially and in terms of customer trust, peace of mind is no small consideration. Our goal is to make privacy and security a core of how we do business, no matter where your data is processed.