The new Swiss Data Protection Act (nPDA) will come into force on 1 September 2023. It aims to provide better protection for the personal data of Swiss residents and to ensure that Swiss law is compatible with European law, in particular the General Data Protection Regulation (GDPR).
To apply the new law in practice, the principles and obligations it imposes on those responsible for processing personal data must be respected. These principles include consent, purpose, proportionality, transparency, security and liability. Obligations include the duty to inform, the right of access, the right of rectification, the right to erasure, the right to portability and the right to object.
DFS AVOCATS can provide you with useful information and practical advice to help you to comply with the new law. DFS AVOCATS explains the main changes, the rights and duties of data subjects and data controllers, as well as the procedures and penalties in the event of a breach of the law. It should already be pointed out that fines and sanctions are imposed on natural persons (and not on legal persons) who exercise managerial functions, such as the CEO, CTO or CFO, but also on specialist staff without managerial functions, such as the Data Protection Officer. Companies cannot protect themselves against this risk. If an individual within a company breaches the new DPA, it is that person who will be penalised.
Individuals who fail to comply with the legal provisions on data protection are liable to sanctions and fines of up to CHF 250,000.
