The new Data Protection Act came into force in Switzerland on September 1, 2023, 31 years after its predecessor.
The main aim of the law is to comply with the EU’s RGPD to facilitate data exchanges between Swiss and European companies. 
In an article published by Le Temps dated September 4, 2023, two experts have taken up the essential points to remember.
Here’s a summary: 🛡️ Companies must now have clear governance over the collection, processing and storage of personal data.
💼 Companies with more than 250 employees or those handling sensitive information must keep a register of data processing activities.
⚖️ Penalties for non-compliance can reach 250,000 Swiss francs.
🚨 A communication plan for reporting data breaches to the Federal Data Protection and Information Commissioner (FDPIC) must be in place.
👥 Two new principles are introduced: “Privacy by Design” and “Privacy by Default”, obliging companies to consider data protection by design and by default in their systems.
🔑 In summary, the new Swiss data protection law strengthens companies’ governance and security obligations, aligns with EU standards and introduces severe penalties for non-compliance.
Discover our video format to understand the nLPD in 1min 👇
