PrivaGuard User Guide

1. Getting Started

PrivaGuard helps Swiss businesses comply with the new Swiss Data Protection Act (nDSG/nLPD). Here's how to get started.

Create your account

Visit privaguard.ch and click "Get Started". Sign up with your email address. You'll receive a confirmation email — click the link to activate your account and access the dashboard.

What PrivaGuard does

PrivaGuard scans your website for cookies and trackers, generates a compliant consent banner, and provides tools to create privacy policies — all hosted in Switzerland. It automates the technical requirements of the nDSG so you can focus on your business.

nDSG vs GDPR: What's the difference?

The Swiss nDSG (new Data Protection Act) is similar to the EU's GDPR but has key differences. Under the nDSG, consent is not always required for data processing — but users must be informed. PrivaGuard is specifically designed for nDSG compliance, not just GDPR. This means simpler consent flows and fewer unnecessary pop-ups for your Swiss visitors.

2. Scanning Your Website

Start with a free compliance scan to understand your website's current state.

Run a free scan

Go to privaguard.ch and enter your website URL in the scan field. Click "Free Compliance Check". The scanner will crawl your site, detect cookies, third-party scripts, and tracking technologies. Results are ready in under a minute.

Understanding your results

Your scan results show each cookie and tracker found on your site, organized by category: necessary, functional, analytics, and marketing. Each item includes a severity level indicating its compliance impact. Red items require immediate attention, orange items should be reviewed, and green items are already compliant.

3. Setting Up the Consent Banner

The consent banner (CMP) informs your visitors about cookies and lets them manage their preferences.

Create your site in the dashboard

Log in to your PrivaGuard dashboard and go to the "Sites" tab. Click "Add site" and enter your website's domain (e.g., example.ch). Your site will be created with a unique identifier (UUID).

Get your site UUID

After creating your site, you'll see your site UUID in the Sites tab. This is a unique code like "a1b2c3d4-e5f6-7890-abcd-ef1234567890". Copy it — you'll need it for the next step.

Integrate on your website

This code works on any site that accepts custom HTML (static sites, CMS platforms, etc.). Add it inside the head section of your page. Replace YOUR-UUID with your actual site UUID. Platform-specific guides for WordPress, Wix, and Shopify are coming soon.

<script src="https://cdn.privaguard.ch/cmp.js" data-site-id="YOUR-UUID" defer></script>

Script load order with Google Analytics / GTM

Important: The PrivaGuard script must load BEFORE any Google Analytics or Google Tag Manager scripts. This ensures cookies are blocked until the visitor gives consent. Here's the correct order:

<!-- 1. PrivaGuard FIRST -->
<script src="https://privaguard.ch/cmp.js" data-site-id="YOUR-UUID" defer></script>

<!-- 2. Google tags AFTER -->
<script async src="https://www.googletagmanager.com/gtag/js?id=G-XXXXX"></script>

Customize banner appearanceStarter+

On the Starter plan and above, you can customize the banner to match your brand. Go to the "Banner" tab in your dashboard to change colors (primary, background, text) and position (bottom bar, centered popup, or top bar). Changes are applied instantly to your live banner.

Customize banner textsStarter+

On the Starter plan and above, you can also customize the banner title, description, and button labels for each language (French, German, English). Go to the "Banner" tab in your dashboard, scroll to the "Banner texts" section, and enter your custom text. Leave a field empty to use the default nDSG-compliant text. Changes are applied instantly to your live banner.

Verify the banner works

Open your website in Chrome and press F12 to open DevTools. Go to Application → Cookies → your domain. After interacting with the banner, you should see a cookie named "_pg_consent" containing your visitor's consent choices. If you see it, the banner is working correctly.

4. Google Consent Mode v2

If you use Google Ads or Google Analytics, Consent Mode v2 ensures you don't lose valuable conversion data.

What is Google Consent Mode v2?

Google Consent Mode v2 is a framework that lets your website communicate visitor consent choices to Google services. Without it, Google Ads and Analytics lose data when visitors decline cookies. With Consent Mode v2, Google uses behavioral modeling to recover approximately 80% of conversion data — even when visitors opt out.

How PrivaGuard handles it

PrivaGuard automatically integrates with Google Consent Mode v2. When you install the consent banner, it sends the correct consent signals to Google services. There's nothing extra to configure — it works out of the box.

What to expect

With PrivaGuard and Consent Mode v2, you can expect to recover approximately 80% of your conversion data through Google's behavioral modeling. This means your Google Ads campaigns will continue to optimize effectively, and your Analytics data will remain meaningful — all while respecting your visitors' privacy choices.

5. Consent RecordsStarter+

The consent audit log stores a record of every visitor's consent choices, providing evidence of compliance under the nDSG.

What is stored

Every time a visitor interacts with your consent banner, PrivaGuard records the event: a hashed version of their IP address (for privacy), their visitor ID, the consent choices they made (functional, analytics, marketing), and a timestamp. This data is append-only — it cannot be modified or deleted, ensuring a tamper-proof audit trail.

Filtering and search

In your dashboard, the Records tab lets you filter consent events by site, date range, and visitor ID. This makes it easy to find specific consent interactions — for example, to verify that a particular visitor gave consent before a certain date.

CSV export

You can export your consent records as a CSV file for compliance documentation. The export includes all filtered records with columns for date, site, hashed IP, visitor ID, and consent choices per category. This file can be presented to auditors or the FDPIC as evidence of lawful data processing.

6. Auto-RescanStarter+

Keep your compliance up to date with automatic scheduled rescans.

How auto-rescan works

On the Starter plan and above, PrivaGuard can automatically rescan your website on a weekly or monthly schedule. This detects any new cookies or trackers that may have been added to your site — for example, after installing a plugin or updating a third-party service.

Email notifications

When a rescan detects new tracking technologies on your site, you'll receive an email notification listing exactly what changed. No action is required on your part: PrivaGuard automatically updates the blocking of new scripts. The email is purely informational.

Configure in the dashboard

Go to the "Sites" tab in your dashboard and select your site. Under the rescan settings, choose your preferred schedule: weekly or monthly. You can also trigger a manual rescan at any time.

7. Privacy Policy GeneratorStarter+

Generate a legally compliant privacy policy tailored to Swiss law — in minutes.

The 6-step wizard

Navigate to the "Policy Generator" page from the top menu. The wizard guides you through 6 simple steps: your organization details, data collected, processing purposes, data recipients, international transfers, and cookie usage. Fill in each step and click "Generate" to create your policy.

Export and share

Once generated, you can preview your privacy policy directly in the browser. On the Starter plan and above, you can export it as a PDF and receive it by email. The policy is available in French, German, and English — choose your preferred language at export time.

8. Data Processing RegisterBusiness

The data processing register (Verarbeitungsverzeichnis) is required under nDSG Art. 12 for businesses that process personal data.

What is the register?

Under the Swiss nDSG (Art. 12), businesses must maintain a register of their data processing activities. This includes what data you collect, why you process it, who has access, and how long you keep it. PrivaGuard provides a digital register that makes this requirement easy to fulfill.

Adding processing activities

In your dashboard, go to the "Register" tab. Click "Add activity" to create a new entry. Fill in the required fields: processing purpose, categories of data subjects, types of personal data, recipients, retention period, and technical/organizational security measures.

Export as PDF

You can export your complete data processing register as a professional PDF document. This is ready to present to authorities or auditors if requested. The export includes all your processing activities with their full details.

9. Platform Integration

How to integrate the PrivaGuard consent banner on different platforms.

Integration snippets

Select your framework below to get the correct integration code. The PrivaGuard script must load before any analytics or marketing scripts on every page.

<script src="https://cdn.privaguard.ch/cmp.js" data-site-id="YOUR-UUID" defer></script>

10. FAQ

Frequently asked questions about PrivaGuard.