revDSG Notes
This document summarizes how the ADP Car Market Hub plugin's features relate to the revised Swiss Federal Act on Data Protection (revDSG / nFADP), which applies to many vehicle dealership websites operated in or targeting Switzerland. It complements the GDPR / DSGVO Notes, which cover the EU/EEA framing.
This document is not legal advice and does not guarantee compliance. Final legal assessment depends on the site setup, the configured features, the consent or transparency implementation and your specific obligations under Swiss law. Site operators should review their posture with their own legal advisor.
When to use this document
Use this document when you need to:
- Operate a vehicle dealership site in Switzerland (typical setup with a .ch domain and CHF as the default currency).
- Prepare a Swiss-focused privacy notice for inquiries, search alerts and built-in analytics.
- Document data processing activities for a Swiss audience.
- Confirm that the plugin's privacy controls are aligned with your internal Swiss data protection guidelines.
Overview
The plugin's privacy-relevant features are the same regardless of jurisdiction (see Data Storage Overview and GDPR / DSGVO Notes). The differences for a Swiss site are mostly about:
- Naming and labeling — the plugin's analytics admin notice can show a Swiss revDSG label.
- The legal basis for processing — under the revDSG, transparent disclosure plus a legitimate purpose is often sufficient, but specific cases may still require explicit consent.
- The way the privacy notice is framed (controller, purposes, recipients, transfers abroad).
The plugin can detect a Swiss setup automatically and surface the revDSG label accordingly.
How the plugin detects a Swiss / revDSG setup
The plugin's analytics module includes a jurisdiction detector with the following resolution order:
- The manual override stored in the as24ci_analytics_privacy_jurisdiction option, when it is not auto.
- The TLD of the configured AutoScout24 API base URL. Hosts ending in .ch (or .autoscout24.ch) resolve to revdsg.
- The default currency. CHF resolves to revdsg.
- Otherwise, the value falls back to other jurisdictions (gdpr, dsgvo, uk_gdpr) or to generic.
Operators can always force the value by setting the **Privacy jurisdiction** option to revdsg in the analytics settings. The setting is informational; it controls the framework label shown in the admin notice and does not change which data is collected.
How revDSG topics map to plugin features
The mapping below describes how plugin behavior relates to common revDSG themes. It is informational and does not replace a project-specific assessment.
Information duty (transparency)
- The lead form supports a configurable consent label and a Privacy page URL, which can link to the site's Swiss privacy notice.
- The search alert subscription confirmation email and the notification email both contain links the subscriber can use (confirm, unsubscribe).
- The plugin's analytics admin notice surfaces a revDSG label when a Swiss setup is detected.
Purpose limitation and proportionality
- Inquiry data is collected for the purpose of answering a vehicle inquiry or test-drive request.
- Search alert data is collected for the purpose of sending notification emails about newly imported matching vehicles.
- Analytics events, when enabled, are aggregated event records used for internal site analytics.
Data minimization
- Optional lead fields (Phone, Message) can be hidden so that only Name and Email are required.
- The submitter's IP address is not stored with leads. A salted SHA-256 hash of the IP is used only for short-lived rate limiting through a WordPress transient (5 submissions per IP per 5 minutes).
- The analytics table stores only event type, optional minimized payload, vehicle ID and timestamp. No IP addresses, user identifiers or cookies are stored on the server side.
- The Filter data minimization option removes free-text search keys (s, search, q) from the analytics filter-search payload.
- Search alert criteria are restricted to a fixed allowlist of keys.
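The IP-hash rate limit from the list above, sketched as an added example (not the plugin's own code): a salted SHA-256 key and a fixed-window counter of 5 submissions per 5 minutes. The function names, the demo salt and the in-memory array standing in for the WordPress transient store are assumptions.

```php
<?php
declare(strict_types=1);

// Added illustration, not the plugin's code. Function and constant names are hypothetical.
const RL_LIMIT  = 5;    // submissions per window (figure from the page)
const RL_WINDOW = 300;  // window length in seconds: 5 minutes (figure from the page)

/** Storage key: salted SHA-256 of the address, so the raw IP is never persisted. */
function rl_key(string $ip, string $salt): string
{
    $packed = inet_pton($ip);  // canonical bytes: "::1" and "0:0:0:0:0:0:0:1" give one key
    if ($packed === false) {
        throw new InvalidArgumentException('not an IP address');
    }
    // The salt must stay secret and server-side: the IPv4 space is small
    // enough that an unsalted hash can be reversed by enumeration.
    return 'rl_' . hash('sha256', $salt . '|' . $packed);
}

/** Fixed-window counter. $store stands in for a TTL store such as WordPress transients. */
function rl_allow(array &$store, string $ip, string $salt, int $now): bool
{
    $key = rl_key($ip, $salt);
    if (isset($store[$key]) && $store[$key]['expires'] <= $now) {
        unset($store[$key]);  // expired entry disappears, as a transient would
    }
    $entry = $store[$key] ?? ['count' => 0, 'expires' => $now + RL_WINDOW];
    if ($entry['count'] >= RL_LIMIT) {
        return false;         // over the limit: reject without extending the window
    }
    $entry['count']++;
    $store[$key] = $entry;
    return true;
}

// Constructed demo: six attempts inside one window, then one after it has expired.
$store = [];
$salt  = 'constructed-demo-salt';
$t0    = 1700000000;
for ($i = 0; $i < 6; $i++) {
    printf("t+%ds  %s\n", $i, rl_allow($store, '203.0.113.7', $salt, $t0 + $i) ? 'accepted' : 'rejected');
}
printf("t+%ds  %s\n", RL_WINDOW, rl_allow($store, '203.0.113.7', $salt, $t0 + RL_WINDOW) ? 'accepted' : 'rejected');

// Only hashed keys and counters are held; no address appears in the store.
print_r($store);
```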
Security of processing
- Admin actions are gated by the plugin's manage_as24_imports capability and WordPress nonces.
- The contact form requires a nonce and includes a hidden honeypot field.
- The logger masks token=…, client_secret=… and Authorization: Bearer … fragments before writing.
- See Security Recommendations for the recommended hardening steps.
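One way the log masking described above can work, as an added example rather than the plugin's logger: two regular expressions for the fragments named on this page, run over constructed log lines. The function name and the patterns are assumptions.

```php
<?php
declare(strict_types=1);

// Added illustration, not the plugin's logger. Function name and patterns are assumptions.
function mask_secrets(string $line): string
{
    $rules = [
        // token=... and client_secret=...: keep the key, mask the value up to the
        // next delimiter. No word boundary, so access_token=... is masked as well.
        '#((?:token|client_secret)=)[^&\s"\']+#i' => '${1}***',
        // Authorization: Bearer <credential>
        '#(Authorization:\s*Bearer\s+)[A-Za-z0-9._~+/=-]+#i' => '${1}***',
    ];
    $masked = preg_replace(array_keys($rules), array_values($rules), $line);
    // preg_replace() returns null on a PCRE error: fail closed, never log the raw line.
    return $masked ?? '[log line withheld: masking failed]';
}

// Constructed log lines paired with the constructed secret each one carries.
$samples = [
    'GET https://api.example.invalid/listings?token=abc123&page=2'              => 'abc123',
    'POST body grant_type=client_credentials&client_secret=s3cr3t&client_id=d1' => 's3cr3t',
    'upstream request header Authorization: Bearer eyJhbGci.constructed.sig'    => 'eyJhbGci',
    'refreshed access_token=zzz999 for import job'                              => 'zzz999',
];

foreach ($samples as $line => $secret) {
    $out = mask_secrets($line);
    // Self-check: the secret must not survive masking.
    if (strpos($out, $secret) !== false) {
        throw new RuntimeException("secret leaked: $out");
    }
    echo $out, PHP_EOL;
}
```

These patterns cover only the key=value and header forms named above; a secret logged in another shape, such as a JSON body, passes through unchanged.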
Cross-border data transfers
- The plugin connects to the AutoScout24 Hub API to import vehicle data. The data flowing to that API is operational dealership data (credentials, listing references), not personal data of website visitors.
- Email is sent through wp_mail. The actual delivery path depends on the site's mail transport (for example an SMTP service or hosting provider). If that transport is located outside Switzerland, the associated transfer must be assessed in your privacy notice.
- The optional AI assistant feature, when enabled, sends prompts to the managed Google Gemini endpoint configured in ADP Car Market Hub. No provider selection, model selection or API key entry is required in the WordPress backend; customer-specific AI provisioning is completed by AD Promotion after installation. The Gemini endpoint is typically hosted outside Switzerland, so the associated transfer must be assessed in your privacy notice. Disable the feature if such transfers are not desired. Review the applicable data processing and contractual terms for the managed AI setup before enabling AI features in production.
Data subject rights
- The plugin's Leads admin tab supports search, status filtering, CSV export and deletion of individual leads.
- The plugin's Search Alerts admin tab supports edit, status change (active, inactive, paused) and deletion of subscriptions.
- The plugin does not register a WordPress personal-data exporter or eraser hook; rights requests are handled manually with the tools above. Verify this behavior in the current plugin version before publishing process documentation that depends on it.
Records of processing
- See Data Storage Overview for an inventory of stored data categories that can feed the dealership's internal records.
Configuration reference
The settings most relevant for a Swiss setup are:
| Setting | Value | Effect |
|---|---|---|
| Privacy jurisdiction | revdsg (or auto with a Swiss configuration) | Surfaces the revDSG label in the analytics admin notice. |
| Consent checkbox enabled | On / Off | Show or hide the consent checkbox on the inquiry form. |
| Consent checkbox label | Free text | Operator-written label, ideally referencing the Swiss privacy notice. |
| Privacy page URL | URL | Link to the Swiss privacy notice. |
| Analytics enabled | On / Off | Master switch for built-in analytics; off by default. |
| Require consent | On / Off | When on, gates analytics through the as24ci_analytics_consent_check filter. |
| Analytics retention (days) | Integer (default 180, minimum 7) | Retention window for analytics events. |
| Filter data minimization | On (default) | Strips free-text search keys from the analytics payload. |
Operational notes
- The revDSG framework supports a different mix of legal bases than GDPR. Whether your specific tracking or marketing use case requires explicit consent, opt-out, or a transparency-only approach should be reviewed with your legal advisor.
- If you offer the website to visitors in both Switzerland and the EU, the GDPR may also apply. In practice, operators frequently align their notice and consent UI with the stricter framework.
- The privacy jurisdiction selector is a label only. Switching it to revdsg does not change which data is collected. Operational controls (analytics on/off, retention, consent) remain the relevant levers.
Step by step: align the plugin with a Swiss / revDSG setup
- Identify whether the site is intended for Switzerland (typical: .ch domain, CHF currency).
- In the analytics settings, leave Privacy jurisdiction on auto (it will resolve to revdsg) or set it explicitly to revdsg.
- Update the site's privacy notice to describe inquiry handling, search alerts and (if enabled) analytics in Swiss-appropriate terminology.
- In the lead form settings, set the Privacy page URL to the Swiss privacy notice and configure the consent label accordingly.
- Decide whether to enable analytics. If enabled, choose between:
  - Transparency-only operation (analytics on, consent requirement off, documented in the privacy notice), or
  - Consent-gated operation (analytics on, Require consent on, wired to a consent management plugin via the as24ci_analytics_consent_check filter).
- Set the analytics retention window per your privacy review.
- Document a manual workflow for handling access and deletion requests using the Leads and Search Alerts admin tabs.
Troubleshooting
- Detected jurisdiction is wrong — change Privacy jurisdiction from auto to revdsg in the analytics settings.
- Visitor in Switzerland asks to be removed — locate the lead in the Leads admin tab and delete it; instruct the visitor to use the unsubscribe link for search alert notifications, or remove their subscription from the Search Alerts admin tab.
- Email transport is located outside Switzerland — update the privacy notice to disclose the transfer path; consider local SMTP alternatives if your privacy review requires it.