Online Guide to the revised Federal Act on Data Protection
Welcome to the Bär & Karrer Online Guide to the revised Federal Act on Data Protection ("revFADP") that is expected to enter into force on 1 September 20023 together with the revised Ordinance to the Federal Act on Data Protection ("revOFADP").
The Online Guide is not a commentary on the revFADP. The idea is for the Online Guide to grow organically and take up topics that concern our clients. The Online Guide also does not claim to be exhaustive and does not provide information on the processing of personal data by federal authorities.
You can test your company's need for action with our "Data Protection Self-Assessment Tool":
I am looking for
When does the revFADP apply to companies based abroad?
What principles must be met when processing personal data?
What new obligations apply under the revFADP?
What rights do individuals have when their personal data is processed?
What does "appropriate " data security mean and how do we ensure data security?
What obligations apply to companies who suffer a Data Breach?
What information duties do companies have under the revFADP?
Can the processing of personal data be outsourced to third parties ("data processors")?
Can personal data be transferred abroad and what requirements must be met?
What is a data processing register and when do we need to keep such a register?
What is a data protection impact assessment and when do we need to conduct one?
Do we need to appoint a data protection advisor ("Data Protection Officer")?
When do we need to obtain consent to process personal data?
When is there a violation of the revFADP and how can this be justified?
What is a "Swiss Representative" and when do we need to appoint one?
What consequences / sanctions can a violation of the revFADP have for companies?
Our company is already compliant with the GDPR, is there anything we need to do?
Disclaimer Data Protection Online Guide
The use of our Data Protection Online Guide and Data Protection Self-Assessment Tool on this website is governed by the following terms and our Privacy and Cookies policies.
Publications and other information ("Content") contained within the Data Protection Online Guide including the Data Protection Self-Assessment Tool ("Online Guide") are provided for general information only and refer to Swiss law only. They do not reflect legal conditions outside of Switzerland and do not constitute legal or other professional advice or seek to be a description of the legal situation. You should take specific legal advice on your particular matter. Please contact us should you require advice or in case you would like to find out more about specific Content.
Our intention is for the Content of the Online Guide to be accurate at the time of publication and we will review and update it regularly. However, we accept no obligation to ensure, and do not warrant, that it is complete, accurate, up to date or that the website or Content will remain accessible.
To the extent permitted under applicable law or regulation, Bär & Karrer excludes all liability to you or any third parties for any loss or damage relating to the use of, inability to use, reliance on Content of this website, links to third party websites and social networks contained on it or software that you may download from any linked websites. Bär & Karrer expressly reserves the right to change, amend or delete any and all information and publications contained in the Online Guide.
By using this Online Guide, users agree to all provisions of this Disclaimer as well as those of our Privacy and Cookies policies. All rights remain reserved.