Compliance with data privacy of the Signing Service

As part of its ongoing audits, Swisscom must ensure that all the strict data privacy requirements necessary for the issue of electronic signatures are complied with, both as opposed to the certification authority in Switzerland and as opposed to the conformity assessment body in Austria. This means that, in addition to self-declaration, trust service providers and certification services are obliged by legislation and international standards, such as ETSI 319 401, to demonstrate and have audited appropriate data privacy for all personal data.