You must honor customers’ requests to opt-out of certain information uses and exchanges and opt-in if sensitive information is being used. Where the information is sensitive, you must obtain opt-in consent. These choices should be clear and conspicuous, readily available and affordable.
Your company must offer customers the ability to opt-out of your disclosing their information to a third-party or using their information for a purpose incompatible with that for which it was originally collected.
In addition, the DMA Privacy Shield Program requires that your company accept and maintain consumer requests to be placed on your in-house suppression file to stop receiving solicitations from your company.
It is important to note that for “sensitive” information, consumers must be given the explicit ability to opt-in before you disclose that information to a third-party or use that information for a purpose different from that for which it was originally collected. You may not use or transfer this information unless the individuals have given affirmative or explicit “opt-in” choice.
Sensitive information includes personal information regarding a medical or health condition, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or sexual lifestyle. There are limited exceptions to the opt-in requirement. Sensitive information in Switzerland is slightly modified to include ideological views or activities, information on social security measures or administrative or criminal proceedings and sanctions, which are treated outside pending proceedings.