Settle claim
Search
Show details
Hide details
Regulation

Data protection: More legislation and rights in Switzerland

Aug 31, 2023
2 min.
  • Extension of rights of affected parties
  • Rules on forwarding data to third parties
  • It is new that the law now only applies to natural persons, not legal ones.

As of 1 September 2023, new data protection regulations apply in Switzerland too. In light of the European General Data Protection Regulation (GDPR) which came into force in 2018, the finalization and introduction of the revised Swiss Data Protection Act (DPA) became a matter of urgency, especially as the old Data Protection Act from 19 June 1992 no longer met the increased requirements.

After extensive political wrangling, the Parliament passed the law on 25 September 2020. The Federal Council then issued the associated decree on 31 August 2022. The revised Swiss Federal Act on Data Protection (DPA) comes into force on 1 September 2023.

Hide details
ZoomZoom

The most important updated points mainly relate to the extension of the rights of the affected parties: 

  • Extended information obligation when obtaining personal data
  • Extended right of information
  • Right to correction, erasure or restriction of processing and disclosure
  • Right to data portability
  • Rules for profiling with high risk and for automated case-by-case decisions

What is new is that the law only applies to natural persons, not legal ones.

Daniel Bucklar
Corporate Legal Counsel, EOS Schweiz

The DPA also governs disclosing data to third parties and standardization of order processing. Another key area relates to data transfer abroad and the organizational measures to be taken when processing personal data.

Hide details
ZoomZoom

New organizational obligations for companies

The Data Protection Act sets out new organizational obligations for companies, e.g. keeping a record of data processing activities (for companies with ≥ 250 employees), reporting data protection infringements, data protection follow-up assessment and handling of data protection through technology and default settings. 

It is also new that the law only applies to natural persons, not legal ones. Last but not least, the sanctions for deliberate infringements have been made substantially stronger, with fines of up to 250,000 francs for private individuals.

EOS is putting up a group-wide data protection shield

Data protection involves not only organizational measures, but is also closely linked to IT security. This article explains what EOS is doing for cyber security across the group.

Read more
Cyber Security hat für EOS höchste Priorität. Dafür baut das Unternehmen einen internationalen Schutzschirm auf.

Further information on data protection in Switzerland? Just get in touch.

Explore more from EOS

Junge Frau arbeitet an einem Laptop in einem modernen Büro.
Receivables Management Debts & Payments

EOS Study: Payment morale in Europe continues to decline
Apr 30, 2026
4 min.
Study: More and more companies in Europe are struggling with payment delays and uncollectibles – with serious consequences for liquidity and investments.
Learn more
Zwei Männer im Büro sprechen über die Ergebnisse der Studie European Payment Practices 2025 der EOS Gruppe über Digitalisierung im Forderungsmanagement.
Receivables Management Debts & Payments

EOS Study: Digitization in Dunning is Progressing Slowly
Apr 30, 2026
4 min.
Hesitant digitization in receivables management is slowing down companies. Survey "European Payment Practices" shows: Germany needs to catch up, while Spain, Romania, and Slovenia are pioneers.
Learn more
Drei Personen führen ein Gespräch in einem Büro.
Receivables Management Debts & Payments

EOS study: Companies demand less bureaucracy
Apr 30, 2026
4 min.
How can payment discipline in Europe be improved? Companies’ top demands include less bureaucracy and more effective tools to recover outstanding payments.
Learn more