Regulation

Data protection: More legislation and rights in Switzerland

Aug 31, 2023
Flexible working timeFlexible working time 2 min.
  • Extension of rights of affected parties
  • Rules on forwarding data to third parties
  • It is new that the law now only applies to natural persons, not legal ones.
As of 1 September 2023, new data protection regulations apply in Switzerland too. In light of the European General Data Protection Regulation (GDPR) which came into force in 2018, the finalization and introduction of the revised Swiss Data Protection Act (DPA) became a matter of urgency, especially as the old Data Protection Act from 19 June 1992 no longer met the increased requirements.

After extensive political wrangling, the Parliament passed the law on 25 September 2020. The Federal Council then issued the associated decree on 31 August 2022. The revised Swiss Federal Act on Data Protection (DPA) comes into force on 1 September 2023.
CancelCancel
ZoomZoom
The most important updated points mainly relate to the extension of the rights of the affected parties: 

  • Extended information obligation when obtaining personal data
  • Extended right of information
  • Right to correction, erasure or restriction of processing and disclosure
  • Right to data portability
  • Rules for profiling with high risk and for automated case-by-case decisions

What is new is that the law only applies to natural persons, not legal ones.

Daniel Bucklar
Corporate Legal Counsel, EOS Schweiz
The DPA also governs disclosing data to third parties and standardization of order processing. Another key area relates to data transfer abroad and the organizational measures to be taken when processing personal data.
CancelCancel
ZoomZoom

New organizational obligations for companies

The Data Protection Act sets out new organizational obligations for companies, e.g. keeping a record of data processing activities (for companies with ≥ 250 employees), reporting data protection infringements, data protection follow-up assessment and handling of data protection through technology and default settings. 

It is also new that the law only applies to natural persons, not legal ones. Last but not least, the sanctions for deliberate infringements have been made substantially stronger, with fines of up to 250,000 francs for private individuals.

EOS is putting up a group-wide data protection shield

Data protection involves not only organizational measures, but is also closely linked to IT security. This article explains what EOS is doing for cyber security across the group.
Read more
Cyber Security hat für EOS höchste Priorität. Dafür baut das Unternehmen einen internationalen Schutzschirm auf.

Further information on data protection in Switzerland? Just get in touch.

We use cookies on our website to enable you to have the best possible website visit. These include cookies that are necessary for the operation of the website, those that are only used for anonymous statistical purposes, cookies that are used for comfort settings and cookies that are used to provide you with personalized, interest-based content. You can decide yourself whether you want to allow the use of statistics, comfort, and marketing cookies. In addition, you can change/withdraw your consent at any time by clicking on the Change Cookies settings on the bottom of the website. Further information can be found in our Privacy Policy and Imprint.

Necessary

We use necessary cookies. These cookies are necessary for the operation and the basic functions of the website. In particular, they enable the security-relevant functioning of our website.
You can read about which cookies we use here.

Tool name Cookieconsent_status
Tool provider EOS Holding GmbH
Address of tool provider Steindamm 71, 20099 Hamburg, Germany
Tool description Essential cookie to save consent banner inputs.
Data processed None
Purpose of data processing To save consent
Retention period 60 days


Tool name Java Session Cookie
Tool provider EOS Holding GmbH
Address of tool provider Steindamm 71, 20099 Hamburg
Tool description Randomly generated session number essential for the proper functioning of the application software.
Data processed None
Purpose of data processing Proper functioning of website
Retention period Session cookie – is deleted after you have closed your browser.

Comfort

If you allow comfort cookies, we can make use of our site easier for you. If you visit our website again to use our services, it will automatically be recognized that you already visited us and the entries and settings you made will automatically be recognized so that you do not have to enter them again. 
You can read about which cookies we use here

Tool name Visitor
Tool provider EOS Holding GmbH
Address of tool provider Steindamm 71, 20099 Hamburg, Germany
Tool description We use this cookie to make it easier for you to use this website.
Data processed None
Purpose of data processing Optimization, improvement of service
Retention period Session cookie – is deleted after you have closed your browser.

Tool name NEW_Visitor
Tool provider EOS Holding GmbH
Address of tool provider Steindamm 71, 20099 Hamburg, Germany
Tool description We use this cookie to make it easier for you to use this website.
Data processed None
Purpose of data processing Optimization, improvement of service
Retention period 1 day

Statistics

We use statistical cookies to improve our offering and ensure a needs-based design and the continuous optimization of our website. 
For this, we collect anonymized data for statistics and analytics, for example, to determine site traffic and user behavior and to adapt and improve our content and the website experience. You can read about which cookies we use here

Tool name nmstat
Tool provider Siteimprove GmbH
Address of tool provider Rosenheimer Str. 143 C, 81671 Munich, Germany
Tool description This cookie contains an ID character string for the current session. It contains non-personally identifiable information about which sub-pages the visitor enters – this information is used to optimize the user experience.
Data processed None
Purpose of data processing Analysis, statistics
Retention period 399 days

Tool name AWSELB
Tool provider Siteimprove GmbH
Address of tool provider Rosenheimer Str. 143 C, 81671 Munich, Germany
Tool description This cookie ensures that all statistics from the same session are captured contiguously.
Data processed None
Purpose of data processing Analysis, statistics
Retention period Session end

Tool name siteimproveses
Tool provider Siteimprove GmbH
Address of tool provider Rosenheimer Str. 143 C, 81671 Munich, Germany
Tool description This cookie is used to track the sequence of pages viewed by the visitor during the website visit.
Data processed None
Purpose of data processing Analysis, website statistics
Retention period Session cookie – is deleted after you have closed your browser.

Marketing

We use marketing cookies so that we can provide you with relevant and interest-based content when you visit our website. You can read about which cookies we use here.

Tool name Facebook Pixel
Tool provider Meta Platforms Ireland Limited
Address of tool provider 4 Grand Canal Square, Grand Canal Harbour, Dublin, D02, Ireland.
Tool description Used by Meta to serve ads, measure and improve ad relevance, and offer advertising products on Meta.
Data processed Ads Viewed | Pages Visited | Browser Information | Facebook Cookie Information | Facebook User ID | Geographic Location | Device Information | HTTP Header | Interactions with Ads, Services and Products | IP Address | Marketing Information | Usage Data & Behavior | Pixel ID | Referrer URL | User Agent
Purpose of data processing Analysis | Conversion Tracking | Marketing | Social Media | Advertising
Retention period __fbp (duration: 3 months)


Tool name LinkedIn
Tool provider LinkedIn Ireland Unlimited Company
Address of tool provider LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland
Tool description This cookie is used to obtain anonymized reports about the website target audience and the possibility of targeted advertising, e.g., in the context of retargeting.
Data processed Device information, browser information, IP address, referrer URL and time stamp.
Purpose of data processing Marketing, analysis, retargeting
Retention period Cookie Name (duration: 90 days)

Accept all Confirm selection Reject all