Revised Data Protection Law in Switzerland
valid as of 01.09.2023
The most important points of the revised data protection law
Stricter data protection
The amendment places an increased focus on stricter requirements for securing personal information. This is not just about preventing data leaks, but also about giving individuals greater control over how their data is collected, used and transmitted.
Transparent information obligation
Companies and organizations are obliged to provide information in an open and transparent manner about what personal data is collected, how it is processed and how long it is retained. This obligation also includes the notification of data breaches to data subjects.
Right to deletion and data portability
Individuals have the right to request that companies delete their personal data. In addition, they have the option to request a transfer of their data in a common format to facilitate a seamless transition to another service provider.
Appointment of data protection officers
Companies and organizations are required to appoint data protection officers whose task is to monitor and ensure compliance with data protection regulations.
Strict sanctions
The law provides for significant penalties for violations of data protection regulations. This serves to ensure that companies and organizations take the importance of data protection seriously.
The following aspects are important for you as a company
Type and purpose of the data
Get an overview of exactly what data is collected and for what purpose it is processed. This will enable you to provide clear and transparent information at any time.
Scope of data
Critically question the collection of personal data and evaluate what is actually necessary for the intended use. Can you convincingly justify additional data collection?
As much as necessary
Keep requests for information from your customers to a minimum.
Restricted access
Restrict access to internal data within your organization to a limited number of relevant individuals.
Data privacy policy
Check your data protection declarations in detail and adapt them if necessary. If you are unsure, a specialist can give you good advice.
Continuous review
Take a close look at your technical defaults and optimize them accordingly. At the same time, review the usability of data-related requests and provide users with insight into how the required information is used.
Mitarbeiter
Sensibilisieren Sie alle Mitarbeiter innerhalb Ihres Unternehmens, um die Wichtigkeit dieses Themas zu unterstreichen.