FADP | Habefast
The FADP is a Swiss law that protects citizens’ personal data and is the basis for the nFADP (new Federal Act on Data Protection) which will take effect on 1 September 2023.
FADP, the Federal Act on Data Protection
Definition of FADP
The FADP (Federal Act on Data Protection) is a Swiss law that aims to protect citizens’ personal information. It was put in place in 1992 and revised in 2018 to comply with European data protection standards, including the European Union’s General Data Protection Regulation (GDPR).
The year 2023 will mark a further change as we will see in the rest of this article.
FDPA, a law that protects the personal data of Swiss citizens
This federal law establishes the rules for the collection, processing and use of personal data in Switzerland, and ensures that the fundamental rights of data subjects are respected. It imposes obligations on companies and organisations that process personal data in Switzerland, including the obligation to provide clear and accurate information about data processing, the obligation to ensure data security and the obligation to allow data subjects to exercise their data protection rights.
All companies and organisations that process personal data in Switzerland must comply with the rules set out in this law, including foreign companies that offer goods or services in Switzerland or monitor the behaviour of people in Switzerland. This ensures that the personal information of Swiss citizens is treated with respect.
The New Federal Act on Data Protection (nFAPD) strengthens the protection of personal data and imposes new obligations on companies
In 2018, the FPDA was revised to comply with European data protection standards as it was not sufficient to meet the challenges posed by rapidly changing technology.
Therefore, a new data protection law, the nFPDA, was adopted in 2019 and will come into force on 1 September 2023. The aim of this law is to strengthen data protection for Swiss citizens and to provide measures for the supervision of companies.
The nFPDA establishes stricter rules for the processing of personal data and imposes additional obligations on companies, such as the obligation to appoint a data protection officer (in companies with more than 250 employees) and to notify data violations within 72 hours.
In addition, the nFPDA gives internet users greater control over their personal data by allowing them to request the deletion of their data at any time.
These important changes in the nFPDA are a response to growing concerns about data protection and reflect recent developments in technology and e-commerce.