What will change from September 1st, 2023 and who will it affect?
The nFADP applies to anyone who processes personal data from Switzerland or abroad.
This includes private individuals who, for example, operate a website.
With the new Federal Act on Data Protection, you need to pay attention to the following new provisions:
Expanded Duty to Inform:
When collecting personal data, the affected person must be informed. This can be added to the website's privacy policy and cookie banner.
Processing Directory:
This directory generally applies to companies and organizations with more than 250 employees. If a company collects sensitive personal data, even smaller companies are required to maintain such a directory.
Criminal Liability for Violations:
The FDPIC (Federal Data Protection and Information Commissioner) can impose a fine of up to CHF 250’,000 on the responsible individual in the event of a breach of duty. These penalty conditions apply in cases of intentional violations, but not for negligence.
Impact Assessment:
If sensitive data is being collected, an impact assessment needs to be done prior to implementing any tools and features.
Data Security Breach:
In the event of data loss or a breach of data security, a prompt report must be sent to the FDPIC.
Privacy-by-Design:
Technical measures must be taken early on to adequately protect data. This is where our FADP-Check comes into play. We also review the flow of data (use of cloud services abroad).
Privacy-by-Default:
In your program and website, the default settings must only collect the personal data that are minimally necessary for processing.
FADP Review:
Unlike previous data protection laws, compliance monitoring will now be centralized at the federal level. The Federal Data Protection and Information Commissioner will be responsible for this.
Your Personal Data Protection Analysis
- We offer you a tailored solution for the technical handling of data protection issues.
- Our brief, practical document provides you with clear instructions for the secure use of tools for communication, editing, and storage of work processes.
- We check whether your data is securely protected and ensure that it is FADP-compliant get saved.
Let`s work out your analysis together!
Prepared for the new FDAP with our IT-Security-Check!
With the IT-Security-Check, we can evaluate your company's technical compliance with the FDAP. It has been shown that a solid IT structure is already a significant step towards meeting FDAP requirements.
Contents that we examine in our FADP-Check can be found here:
Legal aspects also play a role in the Data Protection Act (DSG).
Therefore, it is crucial to consider these aspects accurately and comprehensively.
To ensure that you are optimally protected not only technically but also legally, we can recommend suitable legal support from our network of specialized attorneys.
